Lucene search
K

6 matches found

Veracode
Veracode
added 2025/04/22 2:46 p.m.8 views

OS Command Injection

tcg/voyager is vulnerable to OS Command Injection. The vulnerability is due to insufficient validation of input passed to a specific PHP Artisan command, allowing authenticated administrators to execute arbitrary OS commands in Laravel 8 or later...

9.1CVSS7.5AI score0.00499EPSS
Exploits0References5Affected Software1
RedhatCVE
RedhatCVE
added 2025/04/16 12:40 a.m.21 views

CVE-2025-32931

DevDojo Voyager 1.4.0 through 1.8.0, when Laravel 8 or later is used, allows authenticated administrators to execute arbitrary OS commands via a specific php artisan command...

9.1CVSS7.6AI score0.00499EPSS
Exploits0References1
NVD
NVD
added 2025/04/14 4:15 p.m.47 views

CVE-2025-32931

DevDojo Voyager 1.4.0 through 1.8.0, when Laravel 8 or later is used, allows authenticated administrators to execute arbitrary OS commands via a specific php artisan command...

9.1CVSS0.00499EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/04/14 12:0 a.m.4 views

PT-2025-16258 · Devdojo +1 · Devdojo Voyager +1

Name of the Vulnerable Software and Affected Versions: DevDojo Voyager versions 1.4.0 through 1.8.0 Description: The issue allows authenticated administrators to execute arbitrary OS commands via a specific php artisan command when Laravel 8 or later is used. Recommendations: For DevDojo Voyager...

9.1CVSS8.2AI score0.00499EPSS
Exploits0References11
CVE
CVE
added 2025/04/14 12:0 a.m.120 views

CVE-2025-32931

CVE-2025-32931 affects DevDojo Voyager versions 1.4.0–1.8.0. When Laravel 8+ is used, authenticated administrators can execute arbitrary OS commands via a specific php artisan command (linked to the Compass admin tooling). Technical details in connected sources point to a vulnerable command imple...

9.1CVSS7.8AI score0.00499EPSS
Exploits0References3
Prion
Prion
added 2021/03/03 5:15 p.m.15 views

Design/Logic Flaw

In Bitnami Containers, all Laravel container versions prior to: 6.20.0-debian-10-r107 for Laravel 6, 7.30.1-debian-10-r108 for Laravel 7 and 8.5.11-debian-10-r0 for Laravel 8, the file /tmp/app/.env is generated at the time that the docker image bitnami/laravel was built, and the value of APPKEY ...

7.5CVSS7.2AI score0.00645EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder