CVE-2021-43617 PoC — Laravel Framework 代码问题漏洞

Source

https://github.com/kombat1/CVE-2021-43617

Associated Vulnerability

Title:Laravel Framework 代码问题漏洞 (CVE-2021-43617)
Description:Laravel Framework是Taylor Otwell个人开发者的一款基于PHP的Web应用程序开发框架。Illuminate是其中的一个组件。 Laravel Framework8.70.2之前版本存在安全漏洞，该漏洞源于框架并没有充分阻止可执行PHP内容的上传，因为Illuminate/Validation/Concerns/ValidatesAttributes.php缺少对.phar文件的检查，这些文件在基于Debian的系统上被处理为application/x-httpd-php。在某些

Description

CVE-2021-43617 bypass CRF

File Snapshot


 [4.0K]  /data/pocs/76d3c8f0b75e1c66cd9e823130a067ac6c1d81dd
└── [ 550]  exploit.py

0 directories, 1 file

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!