Skip to content
CISA Known Exploited Vulnerability

CVE-2021-3129

Laravel Ignition contains a file upload vulnerability that allows unauthenticated remote attackers to execute malicious code due to insecure usage of file_get_contents() and file_put_contents().

⚠ Actively exploited (CISA KEV) Laravel 2021
CISA catalog entry
Product
Ignition
Vendor
Laravel
Added to KEV
2023-09-18
Remediation due
2023-10-09

CVE-2021-3129 is tracked in the CISA Known Exploited Vulnerabilities catalog. WebPulse monitors it as part of its framework security intelligence.

View CVE-2021-3129 on the NIST National Vulnerability Database →
Related vulnerabilities
CVE-2026-48019 CVE-2026-4809 CVE-2025-54068 CVE-2018-15133