Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
aushack vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2017-16894
In Laravel framework up to and including 5.5.21, remote attackers can obtain sensitive information (such as externally usable passwords) via a direct request for the /.env URI. NOTE: this CVE is only about Laravel framework's writeNewEnvironmentFileWith function in src/Illum...
Laravel Laravel
1 EDB exploit
2 Github repositories
8.1
CVSSv3
CVE-2018-15133
In Laravel Framework up to and including 5.5.40 and 5.6.x up to and including 5.6.29, remote code execution might occur as a result of an unserialize call on a potentially untrusted X-XSRF-TOKEN value. This involves the decrypt method in Illuminate/Encryption/Encrypter.php and Pe...
Laravel Laravel
1 EDB exploit
19 Github repositories
1 Article
NA
CVE-2008-2938
Directory traversal vulnerability in Apache Tomcat 4.1.0 up to and including 4.1.37, 5.5.0 up to and including 5.5.26, and 6.0.0 up to and including 6.0.16, when allowLinking and UTF-8 are enabled, allows remote malicious users to read arbitrary files via encoded directory traver...
Apache Tomcat
2 EDB exploits
2 Metasploit modules
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
deserialization
CVE-2024-4040
cross-site scripting
CVE-2023-25790
CVE-2024-2961
XML external entity
CVE-2024-26926
CVE-2024-32806
CVE-2024-32711
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started