Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2021-43617 PoC — Laravel Framework 代码问题漏洞

Source
https://github.com/aweiiy/CVE-2021-43617
Associated Vulnerability
Title:Laravel Framework 代码问题漏洞 (CVE-2021-43617)
Description:Laravel Framework through 8.70.2 does not sufficiently block the upload of executable PHP content because Illuminate/Validation/Concerns/ValidatesAttributes.php lacks a check for .phar files, which are handled as application/x-httpd-php on systems based on Debian. NOTE: this CVE Record is for Laravel Framework, and is unrelated to any reports concerning incorrectly written user applications for image upload.
File Snapshot

 [4.0K]  /data/pocs/7229d3e2ca1beb14f3a360578d4b771cdd31a28b
├── [4.0K]  Documentation
│   └── [572K]  NetSec.pdf
├── [4.0K]  Exploit
│   ├── [ 293]  exploit.py
│   ├── [ 169]  readme.txt
│   └── [ 748]  shell1.phar
└── [4.0K]  Product
    └── [ 12M]  Laravel 8.70.1.zip

3 directories, 5 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →