Arbitrary File Upload
Overview snipe/snipe-it is an asset management system built on Laravel. Affected versions of this package are vulnerable to Arbitrary File Upload via the snipeit:restore command. An attacker can execute arbitrary system commands by uploading a specially crafted backup file containing malicious...