Lucene search
K

9 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 3:10 p.m.9 views

CVE-2020-10963

FrozenNode Laravel-Administrator through 5.0.12 allows unrestricted file upload and consequently Remote Code Execution via admin/tipsimage/image/fileupload image upload with PHP content within a GIF image that has the .php extension. NOTE: this product is discontinued...

7.2CVSS7.4AI score0.14667EPSS
Exploits3References1
Github Security Blog
Github Security Blog
added 2022/05/24 5:12 p.m.20 views

FrozenNode Laravel-Administrator unrestricted file upload

FrozenNode Laravel-Administrator through 5.0.12 allows unrestricted file upload and consequently Remote Code Execution via admin/tipsimage/image/fileupload image upload with PHP content within a GIF image that has the .php extension. NOTE: this product is discontinued...

7.2CVSS7.4AI score0.14667EPSS
Exploits3References4Affected Software1
OSV
OSV
added 2022/05/24 5:12 p.m.25 views

GHSA-9R2J-RG24-FVPJ FrozenNode Laravel-Administrator unrestricted file upload

FrozenNode Laravel-Administrator through 5.0.12 allows unrestricted file upload and consequently Remote Code Execution via admin/tipsimage/image/fileupload image upload with PHP content within a GIF image that has the .php extension. NOTE: this product is discontinued...

7.2CVSS7.2AI score0.14667EPSS
Exploits3References3
Exploit DB
Exploit DB
added 2020/11/27 12:0 a.m.813 views

Laravel Administrator 4 - Unrestricted File Upload (Authenticated)

Exploit title: Laravel Administrator 4 - Unrestricted File Upload Authenticated Author: Victor Campos and Xavi Beltran Contact: [email protected] Exploit Development: https://xavibel.com/2020/03/23/unrestricted-file-upload-in-frozennode-laravel-administrator/ Date: 25/3/2020 Software link:...

7.2CVSS7AI score0.14667EPSS
Exploits3
CNVD
CNVD
added 2020/03/26 12:0 a.m.5 views

FrozenNode Laravel-Administrator Code Issue Vulnerability

FrozenNode Laravel-Administrator is an admin interface generator for the Laravel framework. A code issue vulnerability exists in FrozenNode Laravel-Administrator 5.0.12 and earlier versions. The vulnerability can be exploited by an attacker with the file upload feature to bypass security...

7.2CVSS7.4AI score0.14667EPSS
Exploits3
OSV
OSV
added 2020/03/25 10:15 p.m.11 views

CVE-2020-10963

FrozenNode Laravel-Administrator through 5.0.12 allows unrestricted file upload and consequently Remote Code Execution via admin/tipsimage/image/fileupload image upload with PHP content within a GIF image that has the .php extension. NOTE: this product is discontinued...

7.2CVSS7.4AI score
Exploits0References2
Prion
Prion
added 2020/03/25 10:15 p.m.13 views

Unrestricted file upload

FrozenNode Laravel-Administrator through 5.0.12 allows unrestricted file upload and consequently Remote Code Execution via admin/tipsimage/image/fileupload image upload with PHP content within a GIF image that has the .php extension. NOTE: this product is discontinued...

6.5CVSS7.2AI score0.14667EPSS
Exploits3References2Affected Software1
CVE
CVE
added 2020/03/25 9:23 p.m.111 views

CVE-2020-10963

FrozenNode Laravel-Administrator (up to version 5.0.12) is vulnerable to unrestricted file upload via the admin/tips_image/image/file_upload endpoint, allowing PHP content embedded in a GIF image to be uploaded with a .php extension and potentially execute code remotely. This vulnerability is des...

7.2CVSS7.2AI score0.14667EPSS
Exploits3References2Affected Software1
Positive Technologies
Positive Technologies
added 2020/03/25 12:0 a.m.7 views

PT-2020-12451 · Frozennode · Laravel-Administrator

Name of the Vulnerable Software and Affected Versions: FrozenNode Laravel-Administrator versions 5.0.12 and earlier Description: The issue allows unrestricted file upload and consequently Remote Code Execution via the "admin/tips image/image/file upload" API endpoint, where an attacker can upload...

7.2CVSS7.2AI score0.14667EPSS
Exploits3References7
Rows per page
Query Builder