Laravel log viewer is a log viewer for Laravel 5 (compatible with 4.2 too) and Lumen.
Laravel Log Viewer before version v0.13.0 relies on Base64 encoding of filenames for l, dl, and del endpoints, which makes it easier for remote attackers to bypass access restrictions, as demonstrated by reading arbitrary files via a dl request.
- Upgrade to the latest version of Laravel Log Viewer. This vulnerability was fixed in Laravel Log Viewer v0.13.0.
- WordPress 2.3.3 Directory Traversal Vulnerability (0.6.2 - 2.3.3)
- Joomla! Core 1.5.x Directory Traversal (1.5.0 - 1.5.8)
- AjaxControlToolkit directory traversal
- WordPress Plugin XCloner-Backup and Restore Directory Traversal (3.1.4)
- WordPress Plugin WP Cost Estimation & Payment Forms Builder Directory Traversal (9.659)