DevDojo Voyager 漏洞列表
共找到 8 个与 DevDojo Voyager 相关的漏洞
📅 加载漏洞趋势中...
-
CVE-2024-55415: DevDojo Voyager <=1.8.0 - Arbitrary File Read POC
DevDojo Voyager through 1.8.0 is vulnerable to path traversal at the /admin/compass. -
CVE-2024-55416: DevDojo Voyager <=1.8.0 - Cross-Site Scripting POC
DevDojo Voyager through version 1.8.0 is vulnerable to reflected XSS via /admin/compass. By manipulating an authenticated user to click on a link, arbitrary Javascript can be executed. -
CVE-2024-55417: DevDojo Voyager <= 1.8.0 - Arbitrary File Write vulnerability POC
DevDojo Voyager through version 1.8.0 is vulnerable to bypassing the file type verification when an authenticated user uploads a file via /admin/media/upload. An authenticated user can upload a web shell causing arbitrary code execution on the server. -
CVE-2024-55415: DevDojo Voyager <=1.8.0 - Arbitrary File Read POC
DevDojo Voyager through 1.8.0 is vulnerable to path traversal at the /admin/compass. -
CVE-2024-55416: DevDojo Voyager <=1.8.0 - Cross-Site Scripting POC
DevDojo Voyager through version 1.8.0 is vulnerable to reflected XSS via /admin/compass. By manipulating an authenticated user to click on a link, arbitrary Javascript can be executed. -
CVE-2024-55417: DevDojo Voyager <= 1.8.0 - Arbitrary File Write vulnerability POC
DevDojo Voyager through version 1.8.0 is vulnerable to bypassing the file type verification when an authenticated user uploads a file via /admin/media/upload. An authenticated user can upload a web shell causing arbitrary code execution on the server. -
devdojo-voyager-default-login: DevDojo Voyager - Default login POC
DevDojo Voyager contains default credentials when run with dummy data. An attacker can obtain access to user accounts and access sensitive information, modify data, and/or execute unauthorized operations. -
DevDojo Voyager /admin/login 默认口令漏洞 无POC
DevDojo Voyager 是一个功能强大且易于使用的 Laravel 后台管理系统,适合快速开发中小型项目的管理后台。系统默认提供的管理员账户(如 admin@admin.com 和默认密码 password)存在默认密码漏洞,攻击者可通过该漏洞登录后台并任意修改数据。