Packagist (Composer) package
encore/laravel-admin
pkg:composer/encore/laravel-admin
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-24249 | — | <= 1.8.19 | — | Feb 27, 2023 | An arbitrary file upload vulnerability in laravel-admin v1.8.19 allows attackers to execute arbitrary code via a crafted PHP file. | ||
| CVE-2019-17433 | — | — | — | Oct 10, 2019 | z-song laravel-admin 1.7.3 has XSS via the Slug or Name on the Roles screen, because of mishandling on the "Operation log" screen. |
- CVE-2023-24249Feb 27, 2023affected <= 1.8.19
An arbitrary file upload vulnerability in laravel-admin v1.8.19 allows attackers to execute arbitrary code via a crafted PHP file.
- CVE-2019-17433Oct 10, 2019
z-song laravel-admin 1.7.3 has XSS via the Slug or Name on the Roles screen, because of mishandling on the "Operation log" screen.