Freek Van der Herten

5 exploits Active since Dec 2024
CVE-2024-21544 WRITEUP HIGH WRITEUP
Spatie Browsershot < 5.0.1 - Improper Input Validation
Versions of the package spatie/browsershot before 5.0.1 are vulnerable to Improper Input Validation due to improper URL validation in the setUrl method. An attacker can exploit this vulnerability by using leading whitespace (%20) before the file:// protocol, resulting in Local File Inclusion, which allows the attacker to read sensitive files on the server.
CVSS 8.6
CVE-2024-21547 WRITEUP HIGH WRITEUP
Spatie Browsershot < 5.0.2 - Path Traversal
Versions of the package spatie/browsershot before 5.0.2 are vulnerable to Directory Traversal due to URI normalisation in the browser where the file:// check can be bypassed with file:\\. An attacker could read any file on the server by exploiting the normalization of \ into /.
CVSS 7.5
CVE-2024-21549 WRITEUP HIGH WRITEUP
Spatie Browsershot < 5.0.3 - Improper Input Validation
Versions of the package spatie/browsershot before 5.0.3 are vulnerable to Improper Input Validation due to improper URL validation through the setUrl method. An attacker can exploit this vulnerability by utilizing view-source:file://, which allows for arbitrary file reading on a local file. **Note:** This is a bypass of the fix for [CVE-2024-21544](https://security.snyk.io/vuln/SNYK-PHP-SPATIEBROWSERSHOT-8496745).
CVSS 8.6
CVE-2025-1022 WRITEUP HIGH WRITEUP
Spatie/Browsershot <5.0.5 - Info Disclosure
Versions of the package spatie/browsershot before 5.0.5 are vulnerable to Improper Input Validation in the setHtml function, invoked by Browsershot::html(), which can be bypassed by omitting the slashes in the file URI (e.g., file:../../../../etc/passwd). This is due to missing validations of the user input that should be blocking file URI schemes (e.g., file:// and file:/) in the HTML content.
CVSS 8.2
CVE-2025-1026 WRITEUP HIGH WRITEUP
Spatie/Browsershot <5.0.5 - Local File Inclusion
Versions of the package spatie/browsershot before 5.0.5 are vulnerable to Improper Input Validation due to improper URL validation through the setUrl method, which results in a Local File Inclusion allowing the attacker to read sensitive files. **Note:** This is a bypass of the fix for [CVE-2024-21549](https://security.snyk.io/vuln/SNYK-PHP-SPATIEBROWSERSHOT-8533023).
CVSS 8.6