CVE-2021-45040 – Laravel Media Library Pro <=2.1.6 – Arbitrary File Upload (Unauthenticated)

Read Time:26 Second

Posted by Kelvin Yip on Mar 14

Hi Team,

Here is the exploit information for CVE-2021-45040.

Below is summary of timeline for reference:

1. Contact developer (security contact: Freek) regarding the vulnerability at Mon 12/13/2021 11:42 AM (GMT+8)
2. Contact CERT.org at Mon 12/13/2021 10:36 PM
3. Submit CVE Request to Mitre at Mon 12/13/2021 11:30 PM
4. No response from vendor until now.
5. Possible solution had been documented by our research team:…

Read More