Skip to main content
CVE-2021-43272 CRITICAL Act Now

An improper handling of exceptional conditions vulnerability exists in Open Design Alliance ODA Viewer sample before 2022.11. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Oda Viewer
NVD
CVSS 3.1
9.8
EPSS
3.5%
CVE-2021-43617 CRITICAL POC PATCH THREAT Act Now

Laravel Framework through 8.70.2 does not sufficiently block the upload of executable PHP content because Illuminate/Validation/Concerns/ValidatesAttributes.php lacks a check for .phar files, which. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Unrestricted File Upload vulnerability could allow attackers to upload malicious files that can be executed on the server.

Debian PHP File Upload Framework
NVD GitHub Exploit-DB
CVSS 3.1
9.8
EPSS
19.8%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy