Support the ongoing development of Laravel.io →
lukaserat
posted 9 years ago
Security
Last updated 2 years ago.
0
xum
replied 9 years ago

These sort of scans are a usual occurrence, you'll see lots of them. They are not targeted at your website specifically, they just swipe the whole internet looking for known vulnerabilities in popular CMSes and webapps.

And what I also noticed, he was able to put paths.php on the same folder that when you browse it exploit all laravel path's function like "storage_path()"

I didn't get what you mean by this.

0
lukaserat
replied 9 years ago

@xum, first thanks for the reply it little bit calms me. about "paths.php", what I mean is there is "paths.php" located in public folder. And the content of that file is:

echo public_path();
echo app_path();
echo base_path();
// and all the remaining paths helper functions

I dont know how and why they did it, but it really threatens me.

Last updated 9 years ago.
0
skyzer
replied 9 years ago

laravel version?

0
astroanu
replied 9 years ago

interesting. Are you on L5?

0

Sign in to participate in this thread!

Eventy

Your banner here too?

lukaserat lukaserat Joined 7 Feb 2014

Moderators

We'd like to thank these amazing companies for supporting us

Eventy
Fathom
Forge
Envoyer
Beyond Code
BairesDev
Dotcom-monitor
N-iX

Your logo here?

Laravel.io

The Laravel portal for problem solving, knowledge sharing and community building.

Laravel.io

Forum Articles Pastebin

Socials

X (Twitter) GitHub

The community

Laravel Laravel Laravel News Laravel News
Laracasts Laracasts Laravel Podcast Laravel Podcast
© 2024 Laravel.io - All rights reserved.
Terms of service Privacy policy Advertise