Lucene search
K

10 matches found

RedhatCVE
RedhatCVE
added 2026/03/27 5:9 p.m.5 views

CVE-2026-4809

plank/laravel-mediable through version 6.4.0 can allow upload of a dangerous file type when an application using the package accepts or prefers a client-supplied MIME type during file upload handling. In that configuration, a remote attacker can submit a file containing executable PHP code while...

10CVSS6.2AI score0.01279EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/26 12:30 p.m.4 views

EUVD-2026-16164

plank/laravel-mediable through version 6.4.0 can allow upload of a dangerous file type when an application using the package accepts or prefers a client-supplied MIME type during file upload handling. In that configuration, a remote attacker can submit a file containing executable PHP code while...

10CVSS6.2AI score0.01279EPSS
Exploits0References4
Snyk
Snyk
added 2026/03/26 12:25 p.m.4 views

Arbitrary File Upload

Overview Affected versions of this package are vulnerable to Arbitrary File Upload when the application accepts or prefers a client-supplied MIME type. An attacker can upload files containing executable PHP code by submitting files with a benign MIME type, potentially leading to code execution if...

10CVSS6.3AI score0.01279EPSS
Exploits0References2
NVD
NVD
added 2026/03/26 11:16 a.m.8 views

CVE-2026-4809

plank/laravel-mediable through version 6.4.0 can allow upload of a dangerous file type when an application using the package accepts or prefers a client-supplied MIME type during file upload handling. In that configuration, a remote attacker can submit a file containing executable PHP code while...

10CVSS0.01279EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/03/26 11:3 a.m.3 views

CVE-2026-4809 Unsafe Client MIME Type Handling Can Enable Arbitrary File Upload in plank/laravel-mediable

plank/laravel-mediable through version 6.4.0 can allow upload of a dangerous file type when an application using the package accepts or prefers a client-supplied MIME type during file upload handling. In that configuration, a remote attacker can submit a file containing executable PHP code while...

10CVSS6.2AI score0.01279EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/03/26 11:3 a.m.3 views

CVE-2026-4809

plank/laravel-mediable through version 6.4.0 can allow upload of a dangerous file type when an application using the package accepts or prefers a client-supplied MIME type during file upload handling. In that configuration, a remote attacker can submit a file containing executable PHP code while...

10CVSS6.2AI score0.01279EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/03/26 11:3 a.m.18 views

CVE-2026-4809

Brand-new CVE entry CVE-2026-4809 affects plank/laravel-mediable up to version 6.4.0. In vulnerable configurations that accept a client-supplied MIME type during file upload, an attacker can submit a file containing executable PHP code while declaring a benign image MIME type, enabling arbitrary ...

10CVSS6.2AI score0.01279EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/03/26 11:3 a.m.31 views

CVE-2026-4809 Unsafe Client MIME Type Handling Can Enable Arbitrary File Upload in plank/laravel-mediable

plank/laravel-mediable through version 6.4.0 can allow upload of a dangerous file type when an application using the package accepts or prefers a client-supplied MIME type during file upload handling. In that configuration, a remote attacker can submit a file containing executable PHP code while...

10CVSS0.01279EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/03/26 12:0 a.m.14 views

Laravel-Mediable 安全漏洞

Laravel-Mediable is a Laravel media file management package developed by Plank. Versions of Laravel-Mediable 6.4.0 and earlier contain security vulnerabilities. These vulnerabilities stem from the application accepting or favoring the MIME types provided by the client when processing file uploads...

10CVSS6.2AI score0.01279EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/03/26 12:0 a.m.15 views

PT-2026-28649

Name of the Vulnerable Software and Affected Versions plank/laravel-mediable versions through 6.4.0 Description The software is susceptible to arbitrary file upload when it accepts or prefers a client-supplied MIME type during file upload handling. An attacker can submit a file containing...

10CVSS6.2AI score0.01279EPSS
Exploits0References7
Rows per page
Query Builder