Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
facade ignition vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2021-43996
The Ignition component prior to 1.16.15, and 2.0.x prior to 2.0.6, for Laravel has a "fix variable names" feature that can lead to incorrect access control.
Facade Ignition
7.5
CVSSv2
CVE-2021-3129
Ignition prior to 2.5.2, as used in Laravel and other products, allows unauthenticated remote malicious users to execute arbitrary code because of insecure usage of file_get_contents() and file_put_contents(). This is exploitable on sites using debug mode with Laravel prior to 8....
Facade Ignition
43 Github repositories
1 Article
7.5
CVSSv2
CVE-2020-13909
The Ignition component prior to 2.0.5 for Laravel mishandles globals, _get, _post, _cookie, and _env. NOTE: in the 1.x series, versions 1.16.15 and later are unaffected as a consequence of the CVE-2021-43996 fix.
Facade Ignition
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started