CVE-2018-8947

Name of the Vulnerable Software and Affected Versions rap2hpoutre Laravel Log Viewer versions prior to 0.13.0

Description The issue allows remote attackers to bypass intended access restrictions. This is because the software relies on Base64 encoding for certain requests, making it easier for attackers to exploit. For example, attackers can read arbitrary files via a 'dl' request.

Recommendations For versions prior to 0.13.0, update to version 0.13.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the 'dl' request to minimize the risk of exploitation.