漏洞描述
Laravel Framework是Taylor Otwell软件开发者开发的一款基于PHP的Web应用程序开发框架。Laravel framework5.5.21及之前的版本中存在安全漏洞。远程攻击者可利用该漏洞获取敏感信息(例如:密码)。
laravel .env 敏感信息泄露漏洞(CVE-2017-16894)
PoC代码
暂无相关漏洞推荐
- POC CVE-2017-16894: Laravel <5.5.21 - Information Disclosure
- POC CVE-2021-3129: Laravel with Ignition <= v8.4.2 Debug Mode - Remote Code Execution
- POC CVE-2022-40734: Laravel Filemanager v2.5.1 - Local File Inclusion
- POC CVE-2017-16894: Laravel .env 配置文件泄露
- POC CVE-2021-3129: LARAVEL <= V8.4.2 DEBUG MODE - REMOTE CODE EXECUTION
- POC CVE-2022-40734: UniSharp aka Laravel Filemanager v2.5.1 - Directory Traversal
- POC laravel-improper-webdir: Laravel Improper Webdir
- POC blade-oob: Laravel Blade 11.27.2 - Out of Band Template Injection
- POC laravel-env: Laravel - Sensitive Information Disclosure
- POC laravel-log-file: Laravel log file publicly accessible
- POC laravel-telescope: Laravel Telescope Disclosure
- POC laravel-debug-enabled: Laravel Debug Enabled
- POC laravel-debug-error: Larvel Debug Method Enabled