Vulnerabilities

Bagisto: Insecure installation in sub-directories

September 1, 2020

Posted by devsecweb— via Fulldisclosure on Sep 01

Vendor:
Bagisto (https://bagisto.com/)
Affected version:
All
Introduction:
Bagisto is an open source shop system based on PHP and Laravel framework
Vulnerability description:
Bagisto can be installed in sub-directories below the document root exposing the Laravel .env file which includes
database and e-mail server credentials.

Proof:
There have been observed installations in the wild exposing the .env file like…

If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.

Original Source

Tags: cyber, exploit, full disclosure, OSINT, seclist, Security, threatintel, vulnerabilities, vulnerability, vulns

US-CERT Vulnerability Summary for the Week of July 7, 2025

July 15, 2025

Vulnerabilities

[Palo Alto Networks Security Advisories] CVE-2023-48795 Impact of Terrapin SSH Attack

July 15, 2025

[QILIN] – Ransomware Victim: WH Rogers Sheet Metal

July 15, 2025

CVE Alert: CVE-2025-7519

July 15, 2025

CVE Alert: CVE-2025-7606

July 15, 2025

Original Source

You may have missed

US-CERT Vulnerability Summary for the Week of July 7, 2025

[Palo Alto Networks Security Advisories] CVE-2023-48795 Impact of Terrapin SSH Attack

[QILIN] – Ransomware Victim: WH Rogers Sheet Metal

CVE Alert: CVE-2025-7519

CVE Alert: CVE-2025-7606