Laravel Env Configuration File Leak Cve 2017 16894
Laravel Env Configuration File Leak Cve 2017 16894
Laravel .env configuration file leak CVE-2017-16894
Vulnerability Description
Laravel Framework is a PHP-based web application development framework developed by Taylor Otwell software developers.
Vulnerability Impact
Laravel framework <= 5.5.21
Network surveying and mapping
app=”Laravel-Framework”
Vulnerability reappears
</a-alert>
When the configuration is improper and within the scope of the impact, .env can be downloaded, resulting in the leakage of sensitive information such as database account passwords, etc.
This post is licensed under CC BY 4.0 by the author.