52 matches found
Laravel with Ignition <= v8.4.2 Debug Mode - Remote Code Execution
Laravel version 8.4.2 and before with Ignition before 2.5.2 allows unauthenticated remote attackers to execute arbitrary code because of insecure usage of file_get_contents() and file_put_contents(). This is exploitable on sites using debug mode with Laravel before 8.4.2. id: CVE-2021-3129 info: name:...
Authorization Bypass
github.com/juju/juju is vulnerable to Authorization Bypass. The vulnerability is due to insufficient authorization checks in the Controller facade CloudSpec API method, which allows a low-privileged authenticated attacker to access sensitive cloud credentials...
EUVD-2026-21364
Juju: CloudSpec method leaking cloud credentials...
PT-2025-54381
Cross-Site Request Forgery (CSRF) vulnerability in Manidoraisamy FormFacade allows Cross Site Request Forgery. This issue affects FormFacade: from n/a through 1.4.1...
EUVD-2025-26837
Malicious code in bioql PyPI...
Google Android elevation of privilege vulnerability (CNVD-2025-30723)
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability due to unauthorized data access caused by SQL injection in multiple functions in PickerDbFacade.java. An attacker can exploit the vulnerability to elevate...
defusedxml
This is a Python library called defusedxml, which is designed to prevent XML bomb denial of service (DoS) vulnerabilities. The library provides a facade for the standard library's xml.etree.ElementTree module, which is vulnerable to XML bombs. The defusedxml library defuses XML bombs by preventing...
CVE-2025-32327
CVE-2025-32327 affects Google Android via SQL injection in multiple functions of PickerDbFacade.java, enabling unauthorized data access and local elevation of privilege with no user interaction. Impact and exploit details are stated in multiple sources (NVD, Red Hat, CNVD, OSV). Root cause is an ...
CVE-2024-35526
An issue in Daemon PTY Limited FarCry Core framework before 7.2.14 allows attackers to access sensitive information in the /facade directory...
Facade Ignition < 2.5.2 Remote Code Execution
Facade Ignition is a customizable error page for Laravel applications running on Laravel 5.5 up to Laravel 8. It is the default error page for all Laravel 6 applications. Facade Ignition versions prior to 2.5.2 are affected by a vulnerability allowing an unauthenticated attacker to obtain Remot...
PT-2024-26526 · Unknown · Farcry Core
Name of the Vulnerable Software and Affected Versions: FarCry Core framework versions prior to 7.2.14 Description: The issue allows attackers to access sensitive information in the "/facade" directory. Recommendations: For versions prior to 7.2.14, update to version 7.2.14 or later to resolve the...
FarCry Core Framework Security Vulnerability
FarCry Core Framework is a ColdFusion language web application framework open-sourced by FarCry Core. A security vulnerability exists in FarCry Core Framework versions prior to 7.2.14 that stems from allowing access to sensitive information in the /facade directory...
Facade Ignition < 1.16.14 / 2.x < 2.4.2 / 2.5.x < 2.5.2 RCE
The version of Facade Ignition installed on the remote host is prior to 1.16.14, or 2.x prior to 2.4.2, or 2.5.x prior to 2.5.2. It is, therefore, affected by a remote code execution vulnerability. Ignition before 2.5.2, as used in Laravel and other products, allows unauthenticated remote attacke...
[SECURITY] Fedora 40 Update: xstream-1.4.20-6.fc40
XStream is a simple library to serialize objects to XML and back again. A high level facade is supplied that simplifies common use cases. Custom objects can be serialized without need for specifying mappings. Speed and low memory footprint are a crucial part of the design, making it suitable for...
Exploit for CVE-2021-3129
CVE-2021-3129 Instructions: Note: A PHP environment is...
Exploit for CVE-2021-3129
Mass Scanner for CVE-...
Exploit for CVE-2021-3129
CVE-2021-3129 Mass Scan Tools For Laravel = V8.4.2 Debug Mode...