Lucene search

CVE-2018-15133

🗓️ 09 Aug 2018 19:00:29Reported by GoogleType

osv🔗 osv.dev👁 34 Views

Laravel Framework 5.5.40 and 5.6.x through 5.6.29 allows remote code execution via unserialize on X-XSRF-TOKEN

5 of 5AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 27
AttackerKB	CVE-2018-15133	9 Aug 201800:00	–	attackerkb
AttackerKB	Laravel Framework Unserialize Token RCE (CVE-2018-15133)	9 Aug 201800:00	–	attackerkb
Debian CVE	CVE-2018-15133	9 Aug 201819:29	–	debiancve
Cvelist	CVE-2018-15133	9 Aug 201819:00	–	cvelist
OSV	GHSA-QVQM-H22R-4CP9 Laravel Framework RCE Vulnerability	14 May 202200:56	–	osv
CVE	CVE-2018-15133	9 Aug 201819:29	–	cve
Rapid7 Blog	OWASP Top 10 Deep Dive: Injection and Stack Traces From a Hacker's Perspective	19 Oct 202116:58	–	rapid7blog
Tenable Nessus	Laravel Framework < 5.5.41 / 5.6.x < 5.6.30 RCE	15 Apr 202400:00	–	nessus
CISA KEV Catalog	Laravel Deserialization of Untrusted Data Vulnerability	16 Jan 202400:00	–	cisa_kev
Check Point Advisories	Laravel Framework Remote Code Execution (CVE-2018-15133)	30 Jun 202100:00	–	checkpoint_advisories

Source	Link
packetstormsecurity	www.packetstormsecurity.com/files/153641/PHP-Laravel-Framework-Token-Unserialize-Remote-Command-Execution.html
laravel	www.laravel.com/docs/5.6/upgrade

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

09 Aug 2018 19:29Current

7.5High risk

Vulners AI Score7.5

CVSS26.8

CVSS38.1

EPSS0.7999