Lucene search
+L

8 matches found

redhatcve
redhatcve
added 2025/05/23 7:25 a.m.9 views

CVE-2024-0864

Enabling Simple Ajax Uploader plugin included in Laragon open-source software allows for a remote code execution RCE attack via an improper input validation in a fileupload.php file which serves as an example. By default, Laragon is not vulnerable until a user decides to use the aforementioned...

9.8CVSS7.8AI score0.01366EPSS
Exploits0References1
cve
cve
added 2024/02/29 12:56 p.m.107 views

CVE-2024-0864

CVE-2024-0864 affects Laragon when the Simple Ajax Uploader plugin is enabled. The vulnerability arises from improper input validation in a file_upload.php example that can enable remote code execution (RCE). By default, Laragon is not vulnerable unless the plugin is used. Connected sources (Red ...

9.8CVSS9.8AI score0.01366EPSS
Exploits0References3Affected Software1
vulnrichment
vulnrichment
added 2024/02/29 12:56 p.m.82 views

CVE-2024-0864 RCE in Laragon

Enabling Simple Ajax Uploader plugin included in Laragon open-source software allows for a remote code execution RCE attack via an improper input validation in a fileupload.php file which serves as an example. By default, Laragon is not vulnerable until a user decides to use the aforementioned...

9.8AI score0.01366EPSS
Exploits0References3
osv
osv
added 2024/02/29 12:56 p.m.16 views

CVE-2024-0864 RCE in Laragon

Enabling Simple Ajax Uploader plugin included in Laragon open-source software allows for a remote code execution RCE attack via an improper input validation in a fileupload.php file which serves as an example. By default, Laragon is not vulnerable until a user decides to use the aforementioned...

9.8CVSS6.6AI score0.01366EPSS
Exploits0References6
ptsecurity
ptsecurity
added 2024/02/29 12:0 a.m.5 views

PT-2024-15874 · Laragon · Laragon +1

Name of the Vulnerable Software and Affected Versions: Laragon affected versions not specified Description: The issue allows for a remote code execution RCE attack via an improper input validation in a file upload.php file, which serves as an example. This occurs when the Simple Ajax Uploader...

9.8CVSS7.9AI score0.01366EPSS
Exploits0References8
exploitpack
exploitpack
added 2018/04/23 12:0 a.m.91 views

Drupal avatar_uploader v7.x-1.0-beta8 - Arbitrary File Disclosure

Drupal avataruploader v7.x-1.0-beta8 - Arbitrary File Disclosure Title: Drupal avataruploader v7.x-1.0-beta8 - Arbitrary File Disclosure Author: Larry W. Cashdollar Date: 2018-03-30 CVE-ID: CVE-2018-9205 Download Site: https://www.drupal.org/project/avataruploader Vendor:...

5CVSS0.56924EPSS
Exploits6
exploitdb
exploitdb
added 2018/04/23 12:0 a.m.51 views

Drupal avatar_uploader v7.x-1.0-beta8 - Arbitrary File Disclosure

Title: Drupal avataruploader v7.x-1.0-beta8 - Arbitrary File Disclosure Author: Larry W. Cashdollar Date: 2018-03-30 CVE-ID: CVE-2018-9205 Download Site: https://www.drupal.org/project/avataruploader Vendor: https://www.drupal.org/u/robbinzhao Vendor Notified: 2018-04-02 Vendor Contact:...

7.5CVSS7.6AI score0.56924EPSS
Exploits6
zdt
zdt
added 2018/04/22 12:0 a.m.116 views

Drupal Avatar Uploader 7.x-1.0-beta8 Arbitary File Download Vulnerability

Exploit for php platform in category web applications Title: Arbitrary file download vulnerability in Drupal module avataruploader v7.x-1.0-beta8 Author: Larry W. Cashdollar CVE-ID:CVE-2018-9205 Download Site: https://www.drupal.org/project/avataruploader Vendor: https://www.drupal.org/u/robbinzh...

7.6AI score0.56924EPSS
Exploits6
Rows per page
Query Builder