unisharp CVE 脆弱性と CVE 一覧(2)

製品(CPE): — CVE 件数: 2

unisharp 脆弱性概要

This page aggregates publicly disclosed CVE and security risk information related to unisharp, with CVSS, EPSS, publication dates, and vulnerability intelligence data to help assess potential risk and remediation priority.

脆弱性分布の推移(直近24か月)

表示中 12 / 2 CVE 件数
«« 先頭 « 前へ 1 / 1 次へ »
CVE 概要 ソース CVSS 最大値 EPSS(%) 公開 更新
CVE-2022-40734 UniSharp laravel-filemanager (aka Laravel Filemanager) before 2.6.4 allows download?working_dir=%2F.. directory traversal to read arbitrary files, as exploited in the wild in June 2022. This is related to league/flysystem before 2.0.0. [email protected] 6.5 4.06% 2022-09-14 2026-06-17
CVE-2021-23814 This affects versions of the package unisharp/laravel-filemanager before 2.6.2. The upload() function does not sufficiently validate the file type when uploading. An attacker may be able to reproduce the following steps: 1. Install a package with a web Laravel application. 2. Navigate to the Upload window 3. Upload an image file, then capture the request 4. Edit the request contents with a malicious file (webshell) 5. Enter the path of file uploaded on URL - Remote Code Execution **Note:** P [email protected] 6.7 1.82% 2021-12-17 2026-06-16
«« 先頭 « 前へ 1 / 1 次へ »
cvelogic Threat Intelligence