exploitDog

CVE-2023-24249

Опубликовано: 27 фев. 2023

Источник: nvd

CVSS3: 7.2

EPSS Средний

Описание

An arbitrary file upload vulnerability in laravel-admin v1.8.19 allows attackers to execute arbitrary code via a crafted PHP file.

Ссылки

https://flyd.uk/post/cve-2023-24249/
Exploit
Third Party Advisory
https://github.com/z-song/laravel-admin
Product
https://laravel-admin.org/
Product
https://flyd.uk/post/cve-2023-24249/
Exploit
Third Party Advisory
https://github.com/z-song/laravel-admin
Product
https://laravel-admin.org/
Product

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:laravel-admin:laravel-admin:1.8.19:*:*:*:*:*:*:*

EPSS

Процентиль: 97%

0.43257

Средний

7.2 High

CVSS3

Дефекты

CWE-434

Связанные уязвимости

GHSA-g857-47pm-3r32

CVSS3: 7.2

github

почти 3 года назад

laravel-admin has Arbitrary File Upload vulnerability

EPSS

Процентиль: 97%

0.43257

Средний

7.2 High

CVSS3

Дефекты

CWE-434