Skip to content

im-hanzou/CVE-2025-56399

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

11 Commits
.gitignore
.gitignore
 
 
CVE-2025-56399-httpx.py
CVE-2025-56399-httpx.py
 
 
CVE-2025-56399.py
CVE-2025-56399.py
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
requirements.txt
requirements.txt
 
 

Repository files navigation

CVE-2025-56399 Mass Exploit

CVE-2025-56399 – Remote Code Execution in laravel-file-manager v3.3.1. Exploits misconfigured config in Laravel File Manager to upload and verify a PHP shell via unauthenticated file upload.

Installation

Download repository

git clone https://github.com/im-hanzou/CVE-2025-56399

Go to repository folder

cd CVE-2025-56399

Install requirements

pip install -r requirements.txt

Usage

Prepare a targets.txt file, one target per line:

https://example.com
192.168.1.1:8080

Run:

python CVE-2025-56399.py

Results are saved to:

  • vulnerable.txt — targets with exposed file manager
  • uploaded.txt — shell URLs with status [CONFIRMED] / [UPLOADED] / [UNVERIFIED]

Disclaimer

This tool is for educational and authorized security research purposes only. The author is not responsible for any misuse or damage caused by this tool. Only use against systems you own or have explicit permission to test.

About

CVE-2025-56399 – Remote Code Execution in laravel-file-manager v3.3.1. Exploits misconfigured config in Laravel File Manager to upload and verify a PHP shell via unauthenticated file upload.

github.com/alexusmai/laravel-file-manager

Topics

php laravel framework exploit scanner php-framework auto-exploit mass-scanner cve-2025-56399

Resources

Readme

License

MIT license
Activity

Stars

1 star

Watchers

0 watching

Forks

0 forks
Report repository

Contributors

Languages