Vulnerabilities > Laravel > Framework > 5.4.15
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-12-20 | CVE-2020-19316 | OS Command Injection vulnerability in Laravel Framework OS Command injection vulnerability in function link in Filesystem.php in Laravel Framework before 5.8.17. | 8.8 |
| 2021-12-08 | CVE-2021-43808 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Laravel Framework Laravel is a web application framework. | 6.1 |
| 2021-11-14 | CVE-2021-43617 | Unrestricted Upload of File with Dangerous Type vulnerability in Laravel Framework Laravel Framework through 8.70.2 does not sufficiently block the upload of executable PHP content because Illuminate/Validation/Concerns/ValidatesAttributes.php lacks a check for .phar files, which are handled as application/x-httpd-php on systems based on Debian. | 9.8 |
| 2019-03-28 | CVE-2018-6330 | SQL Injection vulnerability in Laravel Framework 5.4.15 Laravel 5.4.15 is vulnerable to Error based SQL injection in save.php via dhx_user and dhx_version parameters. | 8.8 |