Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1310 CNY

100%
Buy Us a Coffee

CVE-2017-16894 PoC — Laravel Framework 信息泄露漏洞

Source
https://github.com/ibnurusdianto/CVE-2017-16894
Associated Vulnerability
Title:Laravel Framework 信息泄露漏洞 (CVE-2017-16894)
Description:In Laravel framework through 5.5.21, remote attackers can obtain sensitive information (such as externally usable passwords) via a direct request for the /.env URI. NOTE: this CVE is only about Laravel framework's writeNewEnvironmentFileWith function in src/Illuminate/Foundation/Console/KeyGenerateCommand.php, which uses file_put_contents without restricting the .env permissions. The .env filename is not used exclusively by Laravel framework.
Description
Project Program sederhana hasil belajar python, untuk mendeteksi CVE 2017 – 16894 (remote attackers can obtain sensitive information)
Readme
Screenshot : 

![image](https://github.com/ibnurusdianto/.env-cve2017/assets/43640284/367ed0a5-2536-42df-9b64-b44cbe45228f)
File Snapshot

Log in to view the POC file snapshot cached by Shenlong Bot

Log in to view
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →