34 matches found
Laravel Filemanager v2.5.1 - Local File Inclusion
Laravel Filemanager aka UniSharp through version 2.5.1 is vulnerable to local file inclusion via download?workingdir=%2F. id: CVE-2022-40734 info: name: Laravel Filemanager v2.5.1 - Local File Inclusion author: arafatansari severity: medium description: | Laravel Filemanager aka UniSharp through...
EUVD-2024-3559
Malicious code in bioql PyPI...
EUVD-2022-0578
Malicious code in bioql PyPI...
CVE-2022-40734
UniSharp laravel-filemanager aka Laravel Filemanager before 2.6.4 allows download?workingdir=%2F.. directory traversal to read arbitrary files, as exploited in the wild in June 2022. This is related to league/flysystem before 2.0.0...
Arbitrary Code Injection
Overview unisharp/laravel-filemanager is an A file upload/editor intended for use with Laravel 5 to 6 and CKEditor / TinyMCE. Affected versions of this package are vulnerable to Arbitrary Code Injection through using a valid mimetype and inserting the . character after the php file extension. Thi...
CVE-2024-21546
Versions of the package unisharp/laravel-filemanager before 2.9.1 are vulnerable to Remote Code Execution RCE through using a valid mimetype and inserting the . character after the php file extension. This allows the attacker to execute malicious code...
UniSharp Laravel Filemanager Code Injection vulnerability
Versions of the package unisharp/laravel-filemanager before 2.9.1 are vulnerable to Remote Code Execution RCE through using a valid mimetype and inserting the . character after the php file extension. This allows the attacker to execute malicious code...
GHSA-6569-3785-R3V6 UniSharp Laravel Filemanager Code Injection vulnerability
Versions of the package unisharp/laravel-filemanager before 2.9.1 are vulnerable to Remote Code Execution RCE through using a valid mimetype and inserting the . character after the php file extension. This allows the attacker to execute malicious code...
CVE-2024-21546
Versions of the package unisharp/laravel-filemanager before 2.9.1 are vulnerable to Remote Code Execution RCE through using a valid mimetype and inserting the . character after the php file extension. This allows the attacker to execute malicious code...
CVE-2024-21546
Versions of the package unisharp/laravel-filemanager before 2.9.1 are vulnerable to Remote Code Execution RCE through using a valid mimetype and inserting the . character after the php file extension. This allows the attacker to execute malicious code...
CVE-2024-21546
The CVE-2024-21546 entry specifies a Laravel Filemanager (unisharp/laravel-filemanager) vulnerability: versions before 2.9.1 are susceptible to Remote Code Execution (RCE) via a crafted request that uses a valid mimetype and inserts a dot after the PHP file extension, enabling execution of arbitr...
CVE-2024-21546
Versions of the package unisharp/laravel-filemanager before 2.9.1 are vulnerable to Remote Code Execution RCE through using a valid mimetype and inserting the . character after the php file extension. This allows the attacker to execute malicious code...
CVE-2024-21546
Versions of the package unisharp/laravel-filemanager before 2.9.1 are vulnerable to Remote Code Execution RCE through using a valid mimetype and inserting the . character after the php file extension. This allows the attacker to execute malicious code...
GHSA-5M2H-7RF2-RPX6 UniSharp Laravel Filemanager directory traversal vulnerability
UniSharp laravel-filemanager aka Laravel Filemanager with league/flysystem version = 2.0.0...
UniSharp Laravel Filemanager directory traversal vulnerability
UniSharp laravel-filemanager aka Laravel Filemanager with league/flysystem version = 2.0.0...
CVE-2022-40734
UniSharp laravel-filemanager aka Laravel Filemanager before 2.6.4 allows download?workingdir=%2F.. directory traversal to read arbitrary files, as exploited in the wild in June 2022. This is related to league/flysystem before 2.0.0...
CVE-2022-40734
UniSharp laravel-filemanager aka Laravel Filemanager before 2.6.4 allows download?workingdir=%2F.. directory traversal to read arbitrary files, as exploited in the wild in June 2022. This is related to league/flysystem before 2.0.0...
CVE-2022-40734
UniSharp laravel-filemanager aka Laravel Filemanager before 2.6.4 allows download?workingdir=%2F.. directory traversal to read arbitrary files, as exploited in the wild in June 2022. This is related to league/flysystem before 2.0.0...
Directory traversal
UniSharp laravel-filemanager aka Laravel Filemanager before 2.6.4 allows download?workingdir=%2F.. directory traversal to read arbitrary files, as exploited in the wild in June 2022. This is related to league/flysystem before 2.0.0...
VulnCheck KEV: CVE-2022-40734
UniSharp laravel-filemanager aka Laravel Filemanager before 2.6.4 allows download?workingdir=%2F.. directory traversal to read arbitrary files, as exploited in the wild in June 2022. This is related to league/flysystem before 2.0.0...