Lucene search
+L

6 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 9:31 p.m.4 views

CVE-2021-21263

Laravel is a web application framework. Versions of Laravel before 6.20.11, 7.30.2 and 8.22.1 contain a query binding exploitation. This same exploit applies to the illuminate/database package which is used by Laravel. If a request is crafted where a field that is normally a non-array value is an...

7.2CVSS6.6AI score0.01605EPSS
Exploits0References1
Veracode
Veracode
added 2021/02/03 4:49 a.m.17 views

Query Binding Exploitation

illuminate/database is vulnerable to query binding exploitation. The vulnerability exists through the lack of control on the expected bindings in the Query Builder. This vulnerability is related to CVE-2021-21263. The fix addresses several edge cases...

7.2CVSS2.1AI score0.01605EPSS
Exploits0
NVD
NVD
added 2021/01/19 8:15 p.m.50 views

CVE-2021-21263

Laravel is a web application framework. Versions of Laravel before 6.20.11, 7.30.2 and 8.22.1 contain a query binding exploitation. This same exploit applies to the illuminate/database package which is used by Laravel. If a request is crafted where a field that is normally a non-array value is an...

7.2CVSS6.8AI score0.01605EPSS
Exploits0References5
OSV
OSV
added 2021/01/19 8:15 p.m.15 views

CVE-2021-21263

Laravel is a web application framework. Versions of Laravel before 6.20.11, 7.30.2 and 8.22.1 contain a query binding exploitation. This same exploit applies to the illuminate/database package which is used by Laravel. If a request is crafted where a field that is normally a non-array value is an...

5.3CVSS5.2AI score
Exploits0References5
Cvelist
Cvelist
added 2021/01/19 7:40 p.m.49 views

CVE-2021-21263 Query Binding Exploitation in Laravel

Laravel is a web application framework. Versions of Laravel before 6.20.11, 7.30.2 and 8.22.1 contain a query binding exploitation. This same exploit applies to the illuminate/database package which is used by Laravel. If a request is crafted where a field that is normally a non-array value is an...

7.2CVSS7AI score0.01605EPSS
Exploits0References5
CVE
CVE
added 2021/01/19 7:40 p.m.162 views

CVE-2021-21263

Laravel and illuminate/database are affected by a query binding exploitation in which a normally non‑array field sent as an array can add an unexpected number of query bindings. Affected: Laravel frameworks prior to 6.20.11, 7.30.2, and 8.22.1 (and the illuminate/database package used by Laravel)...

7.2CVSS5.3AI score0.01605EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder