关联漏洞
描述
Arbitrary Argument Injection Scanner CVE-2024-52301
介绍
This script using simple tools subfinder,httpx.
---
Laravel is a web application framework. When the register_argc_argv php directive is set to on , and users call any URL with a special crafted query string, they are able to change the environment used by the framework when handling the request. The vulnerability fixed in 6.20.45, 7.30.7, 8.83.28, 9.52.17, 10.48.23, and 11.31.0. The framework now ignores argv values for environment detection on non-cli SAPIs.
https://github.com/laravel/framework/security/advisories/GHSA-gv7v-rgg6-548h
文件快照
[4.0K] /data/pocs/74865d7d4eecf2531b6187de3f6c76f1a88b2504
├── [2.8K] exploit.sh
└── [ 547] README.md
0 directories, 2 files
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。