CVE-2017-14704

Name of the Vulnerable Software and Affected Versions Claydip Laravel Airbnb Clone version 1.0

Description The issue concerns unrestricted file upload vulnerabilities in the imageSubmit and proof submit functions. This allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension and then accessing it via a direct request to the file in images/profile.

Recommendations For Claydip Laravel Airbnb Clone version 1.0, consider disabling the imageSubmit and proof submit functions until a patch is available to prevent remote authenticated users from uploading executable files. Restrict access to the images/profile directory to minimize the risk of exploitation. Avoid allowing uploads of files with executable extensions in these functions.