15 matches found

RedhatCVE
added 2025/05/23 8:4 a.m. · 4 views

CVE-2024-51992

Orchid is a @laravel package that allows for rapid application development of back-office applications, admin/user panels, and dashboards. This vulnerability is a method exposure issue CWE-749: Exposed Dangerous Method or Function in the Orchid Platform’s asynchronous modal functionality, affecti...

CVSS 4.1 · AI score 4.5 · EPSS 0.00108
Exploits 0 · References 1

Veracode
added 2024/12/11 6:48 a.m. · 7 views

Method Exposure

orchid/platform is vulnerable to Method Exposure. The vulnerability is due to inadequate access control in the asynchronous modal functionality of the Orchid Platform, which allows arbitrary methods within the Screen class to be called without proper validation, enabling attackers to exploit the expose...

CVSS 4.1 · AI score 6.7 · EPSS 0.00108
Exploits 0 · References 3 · Affected Software 1

BDU FSTEC
added 2024/11/13 12:0 a.m. · 1 view

The vulnerability of the Orchid Platform, related to the use of dangerous methods or functions, allows a hacker to obtain the server’s IP address.

The vulnerability of the Orchid Platform is related to the use of dangerous methods or functions. Exploiting this vulnerability can allow a malicious actor, operating remotely, to obtain the server’s IP address through a brute-force attack...

CVSS 4.1 · AI score 5.4 · EPSS 0.00108
Exploits 0 · References 4 · Affected Software 1

OSV
added 2024/11/12 7:56 p.m. · 10 views

GHSA-CM46-GQF4-MV4F Orchid Platform has Method Exposure Vulnerability in Modals

Impact This vulnerability is a method exposure issue CWE-749: Exposed Dangerous Method or Function in the Orchid Platform’s asynchronous modal functionality, affecting users of Orchid Platform version 8 through 14.42.x. Attackers could exploit this vulnerability to call arbitrary methods within t...

CVSS 5.1 · AI score 4.5 · EPSS 0.00108
Exploits 0 · References 3

GitHub Security Blog
added 2024/11/12 7:56 p.m. · 15 views

Orchid Platform has Method Exposure Vulnerability in Modals

Impact This vulnerability is a method exposure issue CWE-749: Exposed Dangerous Method or Function in the Orchid Platform’s asynchronous modal functionality, affecting users of Orchid Platform version 8 through 14.42.x. Attackers could exploit this vulnerability to call arbitrary methods within t...

CVSS 4.1 · AI score 4.5 · EPSS 0.00108
Exploits 0 · References 3 · Affected Software 1

NVD
added 2024/11/11 8:15 p.m. · 8 views

CVE-2024-51992

Orchid is a @laravel package that allows for rapid application development of back-office applications, admin/user panels, and dashboards. This vulnerability is a method exposure issue CWE-749: Exposed Dangerous Method or Function in the Orchid Platform’s asynchronous modal functionality, affecti...

CVSS 4.1 · EPSS 0.00108
Exploits 0 · References 1

Snyk
added 2024/11/11 7:40 p.m. · 2 views

Exposed Dangerous Method or Function

Overview orchid/platform is a Platform for back-office applications, admin panel or CMS your Laravel app. Affected versions of this package are vulnerable to Exposed Dangerous Method or Function in the asynchronous modal functionality via the Screen class. An attacker can call arbitrary methods...

CVSS 5.1 · AI score 6.9 · EPSS 0.00108
Exploits 0 · References 2

OSV
added 2024/11/11 7:17 p.m. · 9 views

CVE-2024-51992 Method Exposure Vulnerability in Modals in orchid/platform

Orchid is a @laravel package that allows for rapid application development of back-office applications, admin/user panels, and dashboards. This vulnerability is a method exposure issue CWE-749: Exposed Dangerous Method or Function in the Orchid Platform’s asynchronous modal functionality, affecti...

CVSS 4.1 · AI score 6.4 · EPSS 0.00108
Exploits 0 · References 3

CVE
added 2024/11/11 7:17 p.m. · 51 views

CVE-2024-51992

The CVE-2024-51992 issue affects Orchid Platform versions 8 through 14.42.x and stems from a method exposure vulnerability in the platform’s asynchronous modal functionality. The root cause is exposing dangerous methods within the Screen class, enabling an attacker to call arbitrary methods. Clai...

CVSS 4.1 · AI score 4.4 · EPSS 0.00108
Exploits 0 · References 1

Vulnrichment
added 2024/11/11 7:17 p.m. · 11 views

CVE-2024-51992 Method Exposure Vulnerability in Modals in orchid/platform

Orchid is a @laravel package that allows for rapid application development of back-office applications, admin/user panels, and dashboards. This vulnerability is a method exposure issue CWE-749: Exposed Dangerous Method or Function in the Orchid Platform’s asynchronous modal functionality, affecti...

CVSS 4.1 · AI score 6.8 · EPSS 0.00108
Exploits 0 · References 1

Cvelist
added 2024/11/11 7:17 p.m. · 31 views

CVE-2024-51992 Method Exposure Vulnerability in Modals in orchid/platform

Orchid is a @laravel package that allows for rapid application development of back-office applications, admin/user panels, and dashboards. This vulnerability is a method exposure issue CWE-749: Exposed Dangerous Method or Function in the Orchid Platform’s asynchronous modal functionality, affecti...

CVSS 4.1 · EPSS 0.00108
Exploits 0 · References 1

Positive Technologies
added 2024/11/06 12:0 a.m. · 3 views

PT-2024-36: Calling arbitrary methods in Orchid Platform

The vulnerability was identified in Orchid Platform versions 8 - 14.42.x. Discovered vulnerability can be exploited by an attacker to call arbitrary methods in the Screen class, which could lead to the ability to brute force database tables and disclosure of the server's IP address. Vulnerability...

CVSS 5.1 · AI score 4.5 · EPSS 0.00108
Exploits 0 · References 1

Positive Technologies
added 2024/10/29 12:0 a.m. · 4 views

PT-2024-7861 · Unknown · Orchid Platform

Name of the Vulnerable Software and Affected Versions: Orchid Platform versions 8 through 14.42.x Description: The issue is a method exposure problem in the Orchid Platform’s asynchronous modal functionality, allowing attackers to call arbitrary methods within the Screen class. This could lead to...

CVSS 5.1 · AI score 6.7 · EPSS 0.00108
Exploits 0 · References 10

BDU FSTEC
added 2023/07/20 12:0 a.m. · 1 view

The vulnerability of the Orchid Platform, related to the restoration of unreliable data in memory, allows a hacker to execute arbitrary code.

The vulnerability of the Orchid Platform relates to the restoration of unreliable data in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

CVSS 10 · AI score 8.1 · EPSS 0.07112
Exploits 0 · References 3 · Affected Software 1

Positive Technologies
added 2023/07/05 12:0 a.m. · 7 views

PT-2023-07: Deserialization of Untrusted Data leads to RCE in Orchid Platform

The vulnerability was identified in Orchid Platform versions 14.0.0-alpha4-14.4.0. The discovered vulnerability of untrusted data deserialization may be exploited by an attacker to remotely execute malicious code. Vulnerability status: Confirmed by vendor Date of vulnerability remediation:...

CVSS 9.8 · AI score 9.6 · EPSS 0.07112
Exploits 0