Show filters
2 Total Results
Displaying 1-2 of 2
Sort by:
Attacker Value
Unknown

CVE-2023-24249

Disclosure Date: February 27, 2023 (last updated October 08, 2023)
An arbitrary file upload vulnerability in laravel-admin v1.8.19 allows attackers to execute arbitrary code via a crafted PHP file.
Attack Vector: NetworkPrivileges: HighUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2019-17433

Disclosure Date: October 10, 2019 (last updated November 27, 2024)
z-song laravel-admin 1.7.3 has XSS via the Slug or Name on the Roles screen, because of mishandling on the "Operation log" screen.
Attack Vector: NetworkPrivileges: HighUser Interaction: Required
0
0