Mass Assignment
Laravel is vulnerable to Mass Assignment. The vulnerability is due to improper column quoting for database drivers, which can be exploited when not using the fillable property on models, particularly when using the guarded property and passing a user-controlled array into an "update" or "save"...