Voyager is a popular open-source PHP package designed to streamline the management of Laravel applications, providing a pre-built admin interface and various features. However, SonarQube Cloud's code analysis identified several security vulnerabilities in Voyager, including an arbitrary file write vulnerability that could lead to one-click remote code execution on a server if combined with other weaknesses such as authorization bypass or cross-site scripting attacks. The vulnerabilities were discovered by leveraging SonarQube Cloud's advanced code analysis capabilities and after multiple attempts to contact the project maintainers, no patches were available to address these issues. As a result, Voyager users are advised to exercise caution when deciding to use this project in their applications and make informed decisions about their use of Voyager.