what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 22 of 22 RSS Feed

Files

PHP Laravel 8.70.1 Cross Site Request Forgery / Cross Site Scripting
Posted Nov 15, 2021
Authored by Hosein Vita

PHP Laravel version 8.70.1 suffers from cross site scripting and cross site request forgery related vulnerabilities.

tags | exploit, php, vulnerability, xss, csrf
SHA-256 | 03959819037d931fa9bc8a86e042128e57d18e192cdb95d48075c2d8e2c636b5

Related Files

Laravel Framework 11 Credential Disclosure
Posted Apr 22, 2024
Authored by Huseein Amer

Laravel Framework version 11 suffers from a credential disclosure vulnerability.

tags | exploit, info disclosure
advisories | CVE-2024-29291
SHA-256 | 0f46b7fe0d34dd07e9a8db63a2302513bdef1017e3780ffff315cee267f96243
FleetCart Laravel Ecommerce System 1.1.2 Insecure Settings
Posted Aug 22, 2023
Authored by indoushka

FleetCart Laravel Ecommerce System version 1.1.2 suffers from an ignored default credential vulnerability.

tags | exploit
SHA-256 | 68a6c17d047c26ef9fa83b8414516311214d6cb3d30aea8512036eb95fd0c4f9
AmazCart Laravel Ecommerce System CMS 3.4 Cross Site Scripting
Posted Jan 23, 2023
Authored by Sajibe Kanti

AmazCart Laravel Ecommerce System CMS version 3.4 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 9b03c94b047b3bc49c9b1c4ca00700238a74dd617a510b95e815b3ea9c26f674
Laravel 9.47.0 Information Disclosure
Posted Jan 13, 2023
Authored by indoushka

Laravel versions 1.0 to 9.47.0 suffer from database disclosure and information leakage vulnerabilities.

tags | exploit, vulnerability, info disclosure
SHA-256 | 111b6533007bb0d30833a8fec10c414266b1f7095e1f6e0aecfa7bb54a3e2319
Laravel Media Library Pro 2.1.6 Shell Upload
Posted Mar 15, 2022
Authored by Kelvin Yip | Site cybersecthreat.com

Laravel Media Library Pro versions 2.1.6 and below as well as 1.17.10 and below suffer from a remote shell upload vulnerability.

tags | exploit, remote, shell
advisories | CVE-2021-45040
SHA-256 | 6d8f2553e3fe9002ec60d7e3a9741740a148f8cf1da6fb3d7263cf99278e8f1e
Ignition Remote Code Execution
Posted Feb 16, 2022
Authored by Heyder Andrade, ambionics | Site metasploit.com

Ignition versions prior to 2.5.2, as used in Laravel and other products, allows unauthenticated remote attackers to execute arbitrary code because of insecure usage of file_get_contents() and file_put_contents(). This is exploitable on sites using debug mode with Laravel before 8.4.2.

tags | exploit, remote, arbitrary
advisories | CVE-2021-3129
SHA-256 | 1a428973d57b49630c03761c229ad5f2989539e00fde683c743407e8d561d597
Laravel Valet 2.0.3 Privilege Escalation
Posted Dec 14, 2021
Authored by leonjza

Laravel Valet version 2.0.3 local privilege escalation exploit for macOS.

tags | exploit, local
SHA-256 | 2c127d95d2ce5f88d9a84b080c89d8e3adb9a2ae6896312ed14c58295860de08
Aimeos Laravel Ecommerce Platform 2021.10 LTS SQL Injection
Posted Nov 22, 2021
Authored by Ilker Burak Adiyaman

Aimeos Laravel Ecommerce Platform version 2021.10 LTS suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 2fae4289aace3459fa366b914b29f2b20838c09d5a87878e017a85ab79b6d6bb
Ignition 2.5.1 Remote Code Execution
Posted Apr 7, 2021
Authored by cfreal

Ignition versions prior to 2.5.2, as used in Laravel and other products, allows unauthenticated remote attackers to execute arbitrary code because of insecure usage of file_get_contents() and file_put_contents(). This is exploitable on sites using debug mode with Laravel versions prior to 8.4.2.

tags | exploit, remote, arbitrary
advisories | CVE-2021-3129
SHA-256 | aebc0026e687e1ba339c5b60a3565c3f18d9a8afd3eb4765ef9daaf8dbe63898
Laravel 8.4.2 Remote Code Execution
Posted Jan 14, 2021
Authored by SunCSR

Laravel version 8.4.2 suffers from a debug mode remote code execution vulnerability.

tags | exploit, remote, code execution
SHA-256 | e34cd9189ebccce75149b7a897ad6f0f8f21c47b20e534aec63a70a6024d57f6
Laravel Nova 3.7.0 Denial Of Service
Posted Dec 4, 2020
Authored by iqzer0

Laravel Nova version 3.7.0 suffers from a denial of service vulnerability.

tags | exploit, denial of service
SHA-256 | 9eb495324041230df1778bdc6d24f4736918454a3a493572ff1e36fb62cb7360
Laravel Administrator 4 File Upload
Posted Nov 27, 2020
Authored by Xavi Beltran, Victor Campos

Laravel Administrator version 4 suffers from an unrestricted file upload vulnerability.

tags | exploit, file upload
advisories | CVE-2020-10963
SHA-256 | 74c5803bba9337c9b7130818986ce55f061af3504d643ca424705c78c6549aea
NeonLMS Learning Management System PHP Laravel Script 4.6 XSS
Posted Jun 4, 2020
Authored by th3d1gger

NeonLMS Learning Management System PHP Laravel Script version 4.6 suffers from a persistent cross site scripting vulnerability.

tags | exploit, php, xss
SHA-256 | a03fae941188a13b262247d193b72cb8c6020929d45d54b9d550247447b208d4
NeonLMS Learning Management System PHP Laravel Script 4.6 File Download
Posted Jun 4, 2020
Authored by th3d1gger

NeonLMS Learning Management System PHP Laravel Script version 4.6 suffers from an arbitrary file download vulnerability.

tags | exploit, arbitrary, php, info disclosure
SHA-256 | b6fc64a5ae4e8a0ec2c9cdc1017fd4675419adad3fce5fe5f687cefd700382cb
UniSharp Laravel File Manager 2.0.0 Arbitrary File Read
Posted Mar 4, 2020
Authored by NgoAnhDuc

UniSharp Laravel File Manager version 2.0.0 suffers from an arbitrary file read vulnerability.

tags | exploit, arbitrary
SHA-256 | 1d7405c593ee49d55e59bcf504bf4d3f7496515bc48aef6a5e832b0c6175f1cd
PHP Laravel Framework Token Unserialize Remote Command Execution
Posted Jul 15, 2019
Authored by aushack, Stale Pettersen | Site metasploit.com

This Metasploit module exploits a vulnerability in the PHP Laravel Framework for versions 5.5.40, 5.6.x up to 5.6.29. Remote command execution is possible via a correctly formatted HTTP X-XSRF-TOKEN header, due to an insecure unserialize call of the decrypt method in Illuminate/Encryption/Encrypter.php. Authentication is not required, however exploitation requires knowledge of the Laravel APP_KEY. Similar vulnerabilities appear to exist within Laravel cookie tokens based on the code fix. In some cases the APP_KEY is leaked which allows for discovery and exploitation.

tags | exploit, remote, web, php, vulnerability
advisories | CVE-2017-16894, CVE-2018-15133
SHA-256 | 89a708ff133e6615ee3040a41d60178a5e2e6c21344ec723424eb420b1cc5b8c
UniSharp Laravel File Manager 2.0.0-alpha7 Arbitrary File Upload
Posted Feb 15, 2019
Authored by Mohammad Danish

UniSharp Laravel File Manager version 2.0.0-alpha7 suffers from an arbitrary file upload vulnerability.

tags | exploit, arbitrary, file upload
SHA-256 | f67d9939b12edf8fa0798c677008aa300033f210c22c4530b791b22cdd35192e
Laravel Log Viewer Local File Download
Posted Mar 26, 2018
Authored by Haboob Team

Laravel Log Viewer versions prior to 0.13.0 suffers from a local file download vulnerability.

tags | exploit, local
advisories | CVE-2018-8947
SHA-256 | 167717bccfa3ca0b0d38c17ea0f44b8f9623e1fe306e0934c356174fe45eecf6
Laravel 5.4 Cross Site Scripting
Posted Mar 7, 2017
Authored by MaHDyfo

Laravel version 5.4 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 34f087a75ac86387f30439cc2ab8f6c14d83614a61e4e6f992742eaac6419cbd
Laravel Framework PHP Object Injection
Posted Apr 20, 2015
Authored by Scott Arciszewski

Laravel Framework versions since 4.1 suffer from a PHP objection injection vulnerability when encryption is turned off.

tags | advisory, php
SHA-256 | 77f22e2a8757288c75c6f2b204358f81cc4f63d582e81dad74eced0ce382209a
Laravel 2.1 Hash::make() bcrypt Truncation
Posted Sep 16, 2014
Authored by Pichaya Morimoto

Laravel version 2.1 fails to check length prior to password hash creation allowing for possible hash collisions for secrets over 72 characters.

tags | exploit
SHA-256 | c326cc304eeacde84a1ea946f533f0c9f4c6ce9cfb4ff9339cbc8e8cbada6457
Page 1 of 1
Back1Next

File Archive:

September 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    261 Files
  • 2
    Sep 2nd
    17 Files
  • 3
    Sep 3rd
    38 Files
  • 4
    Sep 4th
    52 Files
  • 5
    Sep 5th
    23 Files
  • 6
    Sep 6th
    27 Files
  • 7
    Sep 7th
    0 Files
  • 8
    Sep 8th
    1 Files
  • 9
    Sep 9th
    16 Files
  • 10
    Sep 10th
    38 Files
  • 11
    Sep 11th
    21 Files
  • 12
    Sep 12th
    0 Files
  • 13
    Sep 13th
    0 Files
  • 14
    Sep 14th
    0 Files
  • 15
    Sep 15th
    0 Files
  • 16
    Sep 16th
    0 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    0 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close