mirror of
https://github.com/0xMarcio/cve.git
synced 2025-11-30 18:56:19 +00:00
29 lines
1.3 KiB
Markdown
29 lines
1.3 KiB
Markdown
|
### [CVE-2021-43617](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43617)
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
### Description
|
||
|
|
|
||
|
|
Laravel Framework through 8.70.2 does not sufficiently block the upload of executable PHP content because Illuminate/Validation/Concerns/ValidatesAttributes.php lacks a check for .phar files, which are handled as application/x-httpd-php on systems based on Debian. NOTE: this CVE Record is for Laravel Framework, and is unrelated to any reports concerning incorrectly written user applications for image upload.
|
||
|
|
|
||
|
|
### POC
|
||
|
|
|
||
|
|
#### Reference
|
||
|
|
No PoCs from references.
|
||
|
|
|
||
|
|
#### Github
|
||
|
|
- https://github.com/ARPSyndicate/cvemon
|
||
|
|
- https://github.com/ChamalBandara/CVEs
|
||
|
|
- https://github.com/NaInSec/CVE-PoC-in-GitHub
|
||
|
|
- https://github.com/SYRTI/POC_to_review
|
||
|
|
- https://github.com/Sybelle03/CVE-2021-43617
|
||
|
|
- https://github.com/WhooAmii/POC_to_review
|
||
|
|
- https://github.com/aweiiy/CVE-2021-43617
|
||
|
|
- https://github.com/kombat1/CVE-2021-43617
|
||
|
|
- https://github.com/nomi-sec/PoC-in-GitHub
|
||
|
|
- https://github.com/soosmile/POC
|
||
|
|
- https://github.com/trhacknon/Pocingit
|
||
|
|
- https://github.com/zecool/cve
|
||
|
|
|