CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

48 matches found

RedhatCVE•added 2026/01/09 10:57 a.m.•4 views

CVE-2022-38080

Reflected cross-site scripting vulnerability in Exment PHP8 exceedone/exment v5.0.2 and earlier and exceedone/laravel-admin v3.0.0 and earlier, PHP7 exceedone/exment v4.4.2 and earlier and exceedone/laravel-admin v2.2.2 and earlier allows a remote authenticated attacker to inject an arbitrary...

5.4CVSS5.9AI score0.00369EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 10:50 a.m.•5 views

CVE-2022-37333

SQL injection vulnerability in the Exment PHP8 exceedone/exment v5.0.2 and earlier and exceedone/laravel-admin v3.0.0 and earlier, PHP7 exceedone/exment v4.4.2 and earlier and exceedone/laravel-admin v2.2.2 and earlier allows remote authenticated attackers to execute arbitrary SQL commands...

8.8CVSS8.1AI score0.01548EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2022-6593

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.01548EPSS

Exploits0References5

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2022-3752

Malicious code in bioql PyPI...

4.8CVSS5.1AI score0.00219EPSS

Exploits1References2

Snyk•added 2025/08/19 3:41 p.m.•2 views

Cross-site Scripting (XSS)

Overview moonshine/moonshine is a Laravel administration panel Affected versions of this package are vulnerable to Cross-site Scripting XSS via the Link parameter when creating/updating a new Article. Note There appears to be a fix attempt in 3.12.4, which was reverted in 3.12.6. At the time of...

4.8CVSS5.3AI score0.00097EPSS

Exploits2References2

Snyk•added 2025/08/19 3:41 p.m.•4 views

Unrestricted Upload of File with Dangerous Type

Overview moonshine/moonshine is a Laravel administration panel Affected versions of this package are vulnerable to Unrestricted Upload of File with Dangerous Type via the Files - Thumbnail parameter when creating/updating an Article. An attacker can run scripts within the context of the applicati...

5.4CVSS6.9AI score0.00054EPSS

Exploits2References3

GithubExploit•added 2025/06/21 5:2 p.m.•403 views

Exploit for Unrestricted Upload of File with Dangerous Type in Laravel-Admin

CVE-2023-24249 PoC CVE-2023-24249https://nvd.nist.gov/vuln/...

7.2CVSS7.3AI score0.48636EPSS

Exploits3

RedhatCVE•added 2025/05/23 1:54 a.m.•7 views

CVE-2023-24249

An arbitrary file upload vulnerability in laravel-admin v1.8.19 allows attackers to execute arbitrary code via a crafted PHP file...

7.2CVSS7.8AI score0.48636EPSS

Exploits3References1

RedhatCVE•added 2025/05/22 10:2 a.m.•5 views

CVE-2019-17433

z-song laravel-admin 1.7.3 has XSS via the Slug or Name on the Roles screen, because of mishandling on the "Operation log" screen...

4.8CVSS5.8AI score0.00219EPSS

Exploits1References1

Veracode•added 2025/01/09 4:52 a.m.•7 views

Cross-site Scripting (XSS)

dcat/laravel-admin is vulnerable to Cross-site Scripting XSS. The vulnerability is due to improper input sanitization in the /admin/articles/create endpoint in version 2.2.0-beta, which allows attackers to inject malicious scripts...

4.8CVSS6.3AI score0.00061EPSS

Exploits1References3Affected Software1

GithubExploit•added 2024/08/07 4:36 a.m.•1636 views

Exploit for Unrestricted Upload of File with Dangerous Type in Laravel-Admin

CVE-2023-24249 Exploit Script Description This repository...

7.2CVSS7.7AI score0.48636EPSS

Exploits3

Veracode•added 2023/03/02 5:0 a.m.•52 views

Arbitrary File Upload

encore/laravel-admin is vulnerable to Arbitrary File Upload. The vulnerability exists because the library does not properly validate files uploaded, allowing an attacker to bypass the file upload restrictions by uploading a malicious .php file...

7.2CVSS6.8AI score0.48636EPSS

Exploits3References5Affected Software1

Github Security Blog•added 2023/02/27 9:30 p.m.•351 views

laravel-admin has Arbitrary File Upload vulnerability

An arbitrary file upload vulnerability in laravel-admin v1.8.19 allows attackers to execute arbitrary code via a crafted PHP file...

7.2CVSS7.4AI score0.48636EPSS

Exploits3References5Affected Software1

OSV•added 2023/02/27 9:30 p.m.•38 views

GHSA-G857-47PM-3R32 laravel-admin has Arbitrary File Upload vulnerability

An arbitrary file upload vulnerability in laravel-admin v1.8.19 allows attackers to execute arbitrary code via a crafted PHP file...

7.2CVSS7.2AI score0.48636EPSS

Exploits3References5

NVD•added 2023/02/27 7:15 p.m.•21 views

CVE-2023-24249

An arbitrary file upload vulnerability in laravel-admin v1.8.19 allows attackers to execute arbitrary code via a crafted PHP file...

7.2CVSS7.3AI score0.48636EPSS

Exploits3References3

OSV•added 2023/02/27 7:15 p.m.•118 views

CVE-2023-24249

An arbitrary file upload vulnerability in laravel-admin v1.8.19 allows attackers to execute arbitrary code via a crafted PHP file...

7.2CVSS7.5AI score0.48636EPSS

Exploits3References3

Prion•added 2023/02/27 7:15 p.m.•22 views

Privilege escalation

An arbitrary file upload vulnerability in laravel-admin v1.8.19 allows attackers to execute arbitrary code via a crafted PHP file...

5.8CVSS7.2AI score0.48636EPSS

Exploits3References3Affected Software1

CNNVD•added 2023/02/27 12:0 a.m.•4 views

laravel-admin 代码问题漏洞

z-song laravel-admin is an administrative interface builder for the Laravel web development framework. A security vulnerability exists in laravel-admin v1.8.19, which stems from the existence of an arbitrary file upload vulnerability that can be exploited by an attacker to execute arbitrary code...

7.2CVSS7.5AI score0.48636EPSS

Exploits3References4

CVE•added 2023/02/27 12:0 a.m.•319 views

CVE-2023-24249

CVE-2023-24249 affects laravel-admin v1.8.19, where an unrestricted file upload vulnerability allows an attacker to upload and execute arbitrary PHP code. The connected documents include PoCs/exploits showing a web shell upload and execution, confirming practical risk. The vulnerability stems fro...

7.2CVSS7.2AI score0.48636EPSS

Exploits3References3Affected Software1