Unknown · Laravel Framework · CVE-2024-29291
**Name of the Vulnerable Software and Affected Versions**
Laravel Framework versions 8 through 11
**Description**
An issue in the Laravel Framework might allow a remote attacker to discover database credentials in the storage/logs/laravel.log file. This is due to insufficient protection of sensitive data when handling the laravel.log file. Exploitation of this issue can allow an attacker to gain unauthorized access to protected information. Note that the owner of a Laravel Framework installation can choose to have debugging logs, but then needs to set access control appropriately for the type of data that may be logged.
**Recommendations**
For Laravel Framework versions 8 through 11, consider restricting access to the storage/logs/laravel.log file to minimize the risk of exploitation. As a temporary workaround, review and adjust the logging configuration to prevent sensitive data from being logged. Ensure proper access control is set for the type of data that may be logged. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
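One way to check an installation against these recommendations, as an added example (not code from the Laravel project or from this advisory): a Python audit that reports whether storage/logs/laravel.log is world-readable, whether it already contains credential-like text, and whether `.env` leaves debug logging on. The function names, finding codes and regex are assumptions made for illustration, and the sample tree written by `build_sample` is constructed.

```python
import os
import re
import stat
from pathlib import Path

# Credential-like text in a log line (assumed patterns; extend for your stack).
SECRET_RE = re.compile(r"(DB_PASSWORD|DB_USERNAME|password)\b\s*(=>|=|:)\s*\S+", re.I)

def read_env(env_path):
    """Parse KEY=VALUE pairs from a Laravel .env file."""
    pairs = {}
    if env_path.is_file():
        for line in env_path.read_text().splitlines():
            line = line.strip()
            if line and not line.startswith("#") and "=" in line:
                key, value = line.split("=", 1)
                pairs[key.strip()] = value.strip().strip("\"'")
    return pairs

def audit(project_root):
    """Return sorted finding codes for one Laravel project directory."""
    root = Path(project_root)
    findings = set()
    env = read_env(root / ".env")
    # Stock config defaults when the key is absent: APP_DEBUG false, LOG_LEVEL debug.
    if env.get("APP_DEBUG", "false").lower() == "true":
        findings.add("APP_DEBUG_ON")
    if env.get("LOG_LEVEL", "debug").lower() == "debug":
        findings.add("LOG_LEVEL_DEBUG")
    log = root / "storage" / "logs" / "laravel.log"
    if log.is_file():
        if stat.S_IMODE(log.stat().st_mode) & stat.S_IROTH:
            findings.add("LOG_WORLD_READABLE")
        with log.open(errors="replace") as fh:
            if any(SECRET_RE.search(line) for line in fh):
                findings.add("LOG_CONTAINS_CREDENTIALS")
    return sorted(findings)

def build_sample(root, hardened):
    """Write a constructed Laravel-like tree (sample data, not a real install)."""
    root = Path(root)
    (root / "storage" / "logs").mkdir(parents=True)
    env = "APP_DEBUG=false\nLOG_LEVEL=warning\n" if hardened else "APP_DEBUG=true\nLOG_LEVEL=debug\n"
    (root / ".env").write_text(env)
    line = ("production.ERROR: query failed" if hardened
            else "local.DEBUG: config DB_PASSWORD=example-not-real")
    log = root / "storage" / "logs" / "laravel.log"
    log.write_text("[2024-01-01 00:00:00] " + line + "\n")
    os.chmod(log, 0o640 if hardened else 0o644)
```

Call `audit("/path/to/project")` on a real deployment; a `LOG_CONTAINS_CREDENTIALS` finding means the logged credentials should be rotated as well as the log access tightened.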