These sort of scans are a usual occurrence, you'll see lots of them. They are not targeted at your website specifically, they just swipe the whole internet looking for known vulnerabilities in popular CMSes and webapps.
And what I also noticed, he was able to put paths.php on the same folder that when you browse it exploit all laravel path's function like "storage_path()"
I didn't get what you mean by this.
@xum, first thanks for the reply it little bit calms me. about "paths.php", what I mean is there is "paths.php" located in public folder. And the content of that file is:
echo public_path();
echo app_path();
echo base_path();
// and all the remaining paths helper functions
I dont know how and why they did it, but it really threatens me.
Sign in to participate in this thread!
The Laravel portal for problem solving, knowledge sharing and community building.
The community