4 matches found
Cross-site Scripting (XSS) - Stored in aimeos/aimeos-core
✍️ Description Integrated online shop based on Laravel 6 LTS and the Aimeos e-commerce framework this webapp is vulnerabel for stored xss thru filename 🕵️♂️ Proof of Concept 💥 Impact This vulnerability is capable stored XSS...
Cross-site Scripting (XSS) - Stored in aimeos/aimeos-laravel
✍️ Description Integrated online shop based on Laravel 6 LTS and the Aimeos e-commerce framework this webapp is vulnerabel for stored xss thru filename 🕵️♂️ Proof of Concept 💥 Impact This vulnerability is capable admin ac takeover , XSS...
Design/Logic Flaw
In Bitnami Containers, all Laravel container versions prior to: 6.20.0-debian-10-r107 for Laravel 6, 7.30.1-debian-10-r108 for Laravel 7 and 8.5.11-debian-10-r0 for Laravel 8, the file /tmp/app/.env is generated at the time that the docker image bitnami/laravel was built, and the value of APPKEY ...
HorizontCMS File Upload Vulnerability
HorizontCMS is an open source, responsive content management system CMS built on Laravel 6, VueJs 2.6 and Bootstrap 3.4. HorizontCMS 1.0.0-beta is vulnerable to unrestricted file uploads. An attacker can exploit this vulnerability to upload PHP code via zip file and execute PHP files via HTTP GET...