8 matches found
CVE-2020-10963
FrozenNode Laravel-Administrator through 5.0.12 allows unrestricted file upload and consequently Remote Code Execution via admin/tipsimage/image/fileupload image upload with PHP content within a GIF image that has the .php extension. NOTE: this product is discontinued...
GHSA-9R2J-RG24-FVPJ FrozenNode Laravel-Administrator unrestricted file upload
FrozenNode Laravel-Administrator through 5.0.12 allows unrestricted file upload and consequently Remote Code Execution via admin/tipsimage/image/fileupload image upload with PHP content within a GIF image that has the .php extension. NOTE: this product is discontinued...
FrozenNode Laravel-Administrator unrestricted file upload
FrozenNode Laravel-Administrator through 5.0.12 allows unrestricted file upload and consequently Remote Code Execution via admin/tipsimage/image/fileupload image upload with PHP content within a GIF image that has the .php extension. NOTE: this product is discontinued...
Laravel Administrator 4 File Upload
Exploit title: Laravel Administrator 4 - Unrestricted File Upload Authenticated Author: Victor Campos and Xavi Beltran Contact: [email protected] Exploit Development: https://xavibel.com/2020/03/23/unrestricted-file-upload-in-frozennode-laravel-administrator/ Date: 25/3/2020 Software link:...
FrozenNode Laravel-Administrator Code Issue Vulnerability
FrozenNode Laravel-Administrator is an admin interface generator for the Laravel framework. A code issue vulnerability exists in FrozenNode Laravel-Administrator 5.0.12 and earlier versions. The vulnerability can be exploited by an attacker with the file upload feature to bypass security...
CVE-2020-10963
FrozenNode Laravel-Administrator through 5.0.12 allows unrestricted file upload and consequently Remote Code Execution via admin/tipsimage/image/fileupload image upload with PHP content within a GIF image that has the .php extension. NOTE: this product is discontinued...
Unrestricted file upload
FrozenNode Laravel-Administrator through 5.0.12 allows unrestricted file upload and consequently Remote Code Execution via admin/tipsimage/image/fileupload image upload with PHP content within a GIF image that has the .php extension. NOTE: this product is discontinued...
PT-2020-12451 · Frozennode · Laravel-Administrator
Name of the Vulnerable Software and Affected Versions: FrozenNode Laravel-Administrator versions 5.0.12 and earlier Description: The issue allows unrestricted file upload and consequently Remote Code Execution via the "admin/tips image/image/file upload" API endpoint, where an attacker can upload...