49 matches found

RedhatCVE
added 2026/01/09 10:57 a.m. | 6 views

CVE-2022-38080

Reflected cross-site scripting vulnerability in Exment PHP8 exceedone/exment v5.0.2 and earlier and exceedone/laravel-admin v3.0.0 and earlier, PHP7 exceedone/exment v4.4.2 and earlier and exceedone/laravel-admin v2.2.2 and earlier allows a remote authenticated attacker to inject an arbitrary...

5.4 CVSS | 5.9 AI score | 0.00756 EPSS
Exploits: 0 | References: 1

RedhatCVE
added 2026/01/09 10:50 a.m. | 7 views

CVE-2022-37333

SQL injection vulnerability in the Exment PHP8 exceedone/exment v5.0.2 and earlier and exceedone/laravel-admin v3.0.0 and earlier, PHP7 exceedone/exment v4.4.2 and earlier and exceedone/laravel-admin v2.2.2 and earlier allows remote authenticated attackers to execute arbitrary SQL commands...

8.8 CVSS | 8.1 AI score | 0.0119 EPSS
Exploits: 0 | References: 1

EUVD
added 2025/10/03 8:7 p.m. | 4 views

EUVD-2022-3752

Malicious code in bioql PyPI...

4.8 CVSS | 5.1 AI score | 0.0062 EPSS
Exploits: 1 | References: 2

EUVD
added 2025/10/03 8:7 p.m. | 17 views

EUVD-2022-6593

Malicious code in bioql PyPI...

8.8 CVSS | 8.6 AI score | 0.0119 EPSS
Exploits: 0 | References: 5

Snyk
added 2025/08/19 3:41 p.m. | 2 views

Cross-site Scripting (XSS)

Overview: moonshine/moonshine is a Laravel administration panel. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the Link parameter when creating/updating a new Article. Note: There appears to be a fix attempt in 3.12.4, which was reverted in 3.12.6. At the time of...

4.8 CVSS | 5.3 AI score | 0.00401 EPSS
Exploits: 2 | References: 2

Snyk
added 2025/08/19 3:41 p.m. | 5 views

Unrestricted Upload of File with Dangerous Type

Overview: moonshine/moonshine is a Laravel administration panel. Affected versions of this package are vulnerable to Unrestricted Upload of File with Dangerous Type via the Files - Thumbnail parameter when creating/updating an Article. An attacker can run scripts within the context of the applicati...

5.4 CVSS | 6.9 AI score | 0.0032 EPSS
Exploits: 2 | References: 3

GithubExploit
added 2025/06/21 5:2 p.m. | 433 views

Exploit for Unrestricted Upload of File with Dangerous Type in Laravel-Admin

CVE-2023-24249 PoC. CVE-2023-24249: https://nvd.nist.gov/vuln/...

7.2 CVSS | 7.3 AI score | 0.02382 EPSS
Exploits: 3

RedhatCVE
added 2025/05/23 1:54 a.m. | 12 views

CVE-2023-24249

An arbitrary file upload vulnerability in laravel-admin v1.8.19 allows attackers to execute arbitrary code via a crafted PHP file...

7.2 CVSS | 7.8 AI score | 0.02382 EPSS
Exploits: 3 | References: 1

RedhatCVE
added 2025/05/22 10:2 a.m. | 7 views

CVE-2019-17433

z-song laravel-admin 1.7.3 has XSS via the Slug or Name on the Roles screen, because of mishandling on the "Operation log" screen...

4.8 CVSS | 5.8 AI score | 0.0062 EPSS
Exploits: 1 | References: 1

Veracode
added 2025/01/09 4:52 a.m. | 9 views

Cross-site Scripting (XSS)

dcat/laravel-admin is vulnerable to Cross-site Scripting (XSS). The vulnerability is due to improper input sanitization in the /admin/articles/create endpoint in version 2.2.0-beta, which allows attackers to inject malicious scripts...

4.8 CVSS | 6.3 AI score | 0.00315 EPSS
Exploits: 1 | References: 3 | Affected Software: 1

GithubExploit
added 2024/08/07 4:36 a.m. | 1677 views

Exploit for Unrestricted Upload of File with Dangerous Type in Laravel-Admin

CVE-2023-24249 Exploit Script. Description: This repository...

7.2 CVSS | 7.7 AI score | 0.02382 EPSS
Exploits: 3

Veracode
added 2023/03/02 5:0 a.m. | 53 views

Arbitrary File Upload

encore/laravel-admin is vulnerable to Arbitrary File Upload. The vulnerability exists because the library does not properly validate files uploaded, allowing an attacker to bypass the file upload restrictions by uploading a malicious .php file...

7.2 CVSS | 6.8 AI score | 0.02382 EPSS
Exploits: 3 | References: 5 | Affected Software: 1

Github Security Blog
added 2023/02/27 9:30 p.m. | 353 views

laravel-admin has Arbitrary File Upload vulnerability

An arbitrary file upload vulnerability in laravel-admin v1.8.19 allows attackers to execute arbitrary code via a crafted PHP file...

7.2 CVSS | 7.4 AI score | 0.02382 EPSS
Exploits: 3 | References: 5 | Affected Software: 1

OSV
added 2023/02/27 9:30 p.m. | 39 views

GHSA-G857-47PM-3R32 laravel-admin has Arbitrary File Upload vulnerability

An arbitrary file upload vulnerability in laravel-admin v1.8.19 allows attackers to execute arbitrary code via a crafted PHP file...

7.2 CVSS | 7.2 AI score | 0.02382 EPSS
Exploits: 3 | References: 5

NVD
added 2023/02/27 7:15 p.m. | 23 views

CVE-2023-24249

An arbitrary file upload vulnerability in laravel-admin v1.8.19 allows attackers to execute arbitrary code via a crafted PHP file...

7.2 CVSS | 7.3 AI score | 0.02382 EPSS
Exploits: 3 | References: 3

OSV
added 2023/02/27 7:15 p.m. | 123 views

CVE-2023-24249

An arbitrary file upload vulnerability in laravel-admin v1.8.19 allows attackers to execute arbitrary code via a crafted PHP file...

7.2 CVSS | 7.5 AI score | 0.02382 EPSS
Exploits: 3 | References: 3

Prion
added 2023/02/27 7:15 p.m. | 26 views

Privilege escalation

An arbitrary file upload vulnerability in laravel-admin v1.8.19 allows attackers to execute arbitrary code via a crafted PHP file...

5.8 CVSS | 7.2 AI score | 0.02382 EPSS
Exploits: 3 | References: 3 | Affected Software: 1

CVE
added 2023/02/27 12:0 a.m. | 327 views

CVE-2023-24249

CVE-2023-24249 affects laravel-admin v1.8.19, where an unrestricted file upload vulnerability allows an attacker to upload and execute arbitrary PHP code. The connected documents include PoCs/exploits showing a web shell upload and execution, confirming practical risk. The vulnerability stems fro...

7.2 CVSS | 7.2 AI score | 0.02382 EPSS
Exploits: 3 | References: 3 | Affected Software: 1

Vulnrichment
added 2023/02/27 12:0 a.m. | 12 views

CVE-2023-24249

An arbitrary file upload vulnerability in laravel-admin v1.8.19 allows attackers to execute arbitrary code via a crafted PHP file...

7.3 AI score | 0.02382 EPSS
Exploits: 3 | References: 3

Cvelist
added 2023/02/27 12:0 a.m. | 27 views

CVE-2023-24249

An arbitrary file upload vulnerability in laravel-admin v1.8.19 allows attackers to execute arbitrary code via a crafted PHP file...

7.5 AI score | 0.02382 EPSS
Exploits: 3 | References: 3