CVE-2024-21546

CVSS V2 None CVSS V3 None
Description
Versions of the package unisharp/laravel-filemanager before 2.9.1 are vulnerable to Remote Code Execution (RCE) through using a valid mimetype and inserting the . character after the php file extension. This allows the attacker to execute malicious code.
Overview
  • CVE ID
  • CVE-2024-21546
  • Assigner
  • snyk
  • Vulnerability Status
  • PUBLISHED
  • Published Version
  • 2024-12-18T06:06:02.529Z
  • Last Modified Date
  • 2024-12-18T06:06:02.529Z
History
Created Old Value New Value Data Type Notes
2024-12-19 13:35:15 Added to TrackCVE