Back to search
CVE-2024-0864
Published: Feb 29, 2024
Modified: Oct 10, 2024
PUBLISHED
Description
Enabling Simple Ajax Uploader plugin included in Laragon open-source software allows for a remote code execution (RCE) attack via an improper input validation in a file_upload.php file which serves as an example. By default, Laragon is not vulnerable until a user decides to use the aforementioned plugin.
| Vendor | Product | Versions |
|---|---|---|
Leo Khoa | Laragon | affected 0 - <= * |
Weaknesses (CWE)
References
https://laragon.org/
product
https://cert.pl/en/posts/2024/02/CVE-2024-0864
third-party-advisory
https://cert.pl/posts/2024/02/CVE-2024-0864
third-party-advisory
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now