8 matches found
CVE-2024-0864
Enabling Simple Ajax Uploader plugin included in Laragon open-source software allows for a remote code execution RCE attack via an improper input validation in a fileupload.php file which serves as an example. By default, Laragon is not vulnerable until a user decides to use the aforementioned...
CVE-2024-0864
CVE-2024-0864 affects Laragon when the Simple Ajax Uploader plugin is enabled. The vulnerability arises from improper input validation in a file_upload.php example that can enable remote code execution (RCE). By default, Laragon is not vulnerable unless the plugin is used. Connected sources (Red ...
CVE-2024-0864 RCE in Laragon
Enabling Simple Ajax Uploader plugin included in Laragon open-source software allows for a remote code execution RCE attack via an improper input validation in a fileupload.php file which serves as an example. By default, Laragon is not vulnerable until a user decides to use the aforementioned...
CVE-2024-0864 RCE in Laragon
Enabling Simple Ajax Uploader plugin included in Laragon open-source software allows for a remote code execution RCE attack via an improper input validation in a fileupload.php file which serves as an example. By default, Laragon is not vulnerable until a user decides to use the aforementioned...
PT-2024-15874 · Laragon · Laragon +1
Name of the Vulnerable Software and Affected Versions: Laragon affected versions not specified Description: The issue allows for a remote code execution RCE attack via an improper input validation in a file upload.php file, which serves as an example. This occurs when the Simple Ajax Uploader...
Drupal avatar_uploader v7.x-1.0-beta8 - Arbitrary File Disclosure
Drupal avataruploader v7.x-1.0-beta8 - Arbitrary File Disclosure Title: Drupal avataruploader v7.x-1.0-beta8 - Arbitrary File Disclosure Author: Larry W. Cashdollar Date: 2018-03-30 CVE-ID: CVE-2018-9205 Download Site: https://www.drupal.org/project/avataruploader Vendor:...
Drupal avatar_uploader v7.x-1.0-beta8 - Arbitrary File Disclosure
Title: Drupal avataruploader v7.x-1.0-beta8 - Arbitrary File Disclosure Author: Larry W. Cashdollar Date: 2018-03-30 CVE-ID: CVE-2018-9205 Download Site: https://www.drupal.org/project/avataruploader Vendor: https://www.drupal.org/u/robbinzhao Vendor Notified: 2018-04-02 Vendor Contact:...
Drupal Avatar Uploader 7.x-1.0-beta8 Arbitary File Download Vulnerability
Exploit for php platform in category web applications Title: Arbitrary file download vulnerability in Drupal module avataruploader v7.x-1.0-beta8 Author: Larry W. Cashdollar CVE-ID:CVE-2018-9205 Download Site: https://www.drupal.org/project/avataruploader Vendor: https://www.drupal.org/u/robbinzh...