CVE-2021-3129: Laravel Ignition File Upload Vulnerability. Laravel
Laravel Ignition File Upload Vulnerability. Laravel Ignition contains a file upload vulnerability that allows unauthenticated remote attackers to execute malicious code due to insecure usage of file_get_contents() and file_put_contents().
- CISA KEV-listed (remediation due 2023-10-09)
- used in ransomware campaigns
- EPSS 94.3% (99.9% percentile)