mirror of
https://github.com/0xMarcio/cve.git
synced 2025-11-28 18:48:49 +00:00
1.3 KiB
1.3 KiB
CVE-2021-43617
Description
Laravel Framework through 8.70.2 does not sufficiently block the upload of executable PHP content because Illuminate/Validation/Concerns/ValidatesAttributes.php lacks a check for .phar files, which are handled as application/x-httpd-php on systems based on Debian. NOTE: this CVE Record is for Laravel Framework, and is unrelated to any reports concerning incorrectly written user applications for image upload.
POC
Reference
No PoCs from references.
Github
- https://github.com/ARPSyndicate/cvemon
- https://github.com/ChamalBandara/CVEs
- https://github.com/NaInSec/CVE-PoC-in-GitHub
- https://github.com/SYRTI/POC_to_review
- https://github.com/Sybelle03/CVE-2021-43617
- https://github.com/WhooAmii/POC_to_review
- https://github.com/aweiiy/CVE-2021-43617
- https://github.com/kombat1/CVE-2021-43617
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/soosmile/POC
- https://github.com/trhacknon/Pocingit
- https://github.com/zecool/cve