laravel-admin icon indicating copy to clipboard operation
laravel-admin copied to clipboard

Published 20 hours ago verified publisher icon z-song

An arbitrary file upload vulnerability in laravel-admin v1.8.19 allows attackers to execute arbitrary code via a crafted PHP file.

Open Hel5ing opened this issue 1 year ago • 2 comments

  • Laravel Version: 9.0.x
  • PHP Version: 8.1.13
  • Laravel-admin: 1.8.19

Description:

我的企业Github发现框架存在以下风险,导致项目无法通过安全审核, 请问该如何修复?

截屏2023-06-30 下午1 18 21

Steps To Reproduce:

Hel5ing avatar Jun 30 '23 05:06 Hel5ing

a link instead of a screen to investigate it further?

Mte90 avatar Jul 04 '23 13:07 Mte90

#5726 Has a workaround for this issue.

alexoleynik0 avatar Sep 19 '23 13:09 alexoleynik0