Lucene search
CVE-2018-15133
🗓️ 09 Aug 2018 19:00:29Reported by mitreType 
cve🔗 web.nvd.nist.gov📰️ 26 Media mentions👁 276 Views🌐 WEB
Insecure unserialize call in Laravel Framewor
Show more
| Reporter | Title | Published | Views | Family All 26 |
|---|---|---|---|---|
 | CVE-2018-15133 | 9 Aug 201800:00 | – | attackerkb |
| Laravel Framework Unserialize Token RCE (CVE-2018-15133) | 9 Aug 201800:00 | – | attackerkb |
 | CVE-2018-15133 | 9 Aug 201819:29 | – | debiancve |
 | CVE-2018-15133 | 9 Aug 201819:00 | – | cvelist |
 | Laravel Framework RCE Vulnerability | 14 May 202200:56 | – | osv |
| CVE-2018-15133 | 9 Aug 201819:29 | – | osv |
 | OWASP Top 10 Deep Dive: Injection and Stack Traces From a Hacker's Perspective | 19 Oct 202116:58 | – | rapid7blog |
 | Laravel Framework < 5.5.41 / 5.6.x < 5.6.30 RCE | 15 Apr 202400:00 | – | nessus |
 | Laravel Deserialization of Untrusted Data Vulnerability | 16 Jan 202400:00 | – | cisa_kev |
 | Remote Code Execution (RCE) | 10 Aug 201810:23 | – | veracode |
10
| Source | Link |
|---|---|
| packetstormsecurity | www.packetstormsecurity.com/files/153641/PHP-Laravel-Framework-Token-Unserialize-Remote-Command-Execution.html |
| laravel | www.laravel.com/docs/5.6/upgrade |
| Parameter | Position | Path | Description | CWE |
|---|---|---|---|---|
| X-XSRF-TOKEN | header | /index.php | Insecure unserialize call on X-XSRF-TOKEN header that may lead to remote code execution in Laravel Framework. | CWE-502 |
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo09 Aug 2018 19:29Current
8.2High risk
Vulners AI Score8.2
CVSS26.8
CVSS38.1
EPSS0.7999