9 matches found
Laravel Livewire v3 - Remote Command Execution
Livewire v3 Laravel contains a vulnerability in its component hydration/update mechanism that can be exploited to reach remote command execution RCE without authentication under certain conditions. id: CVE-2025-54068 info: name: Laravel Livewire v3 - Remote Command Execution author: flame-11...
Exploit for Code Injection in Laravel Livewire
No d...
CISA Adds Five Known Exploited Vulnerabilities to Catalog
CISA has added five new vulnerabilities to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2025-31277link is external Apple Multiple Products Buffer Overflow Vulnerability CVE-2025-32432link is external Craft CMS Code Injection Vulnerability...
Laravel Livewire Code Injection Vulnerability
Laravel Livewire contain a code injection vulnerability that could allow unauthenticated attackers to achieve remote command execution in specific scenarios...
Exploit for Code Injection in Laravel Livewire
CVE-2025-54068 A tool designed to exploit CVE-2025-54068 and...
CVE-2025-14894
Livewire Filemanager, commonly used in Laravel applications, contains LivewireFilemanagerComponent.php, which does not perform file type and MIME validation, allowing for RCE through upload of a malicious php file that can then be executed via the /storage/ URL if a commonly performed setup proce...
Exploit for Code Injection in Laravel Livewire
Livewire2025CVE Livewire CVE-2025-54068 Scanner Automated v...
Exploit for Code Injection in Laravel Livewire
Livepyre A tool designed to exploit CVE-2025-54068 an...
Cross-site Scripting (XSS)
Overview livewire/livewire is an A front-end framework for Laravel. Affected versions of this package are vulnerable to Cross-site Scripting XSS when a page uses Url for a property. An attacker can inject HTML code in the context of the user's browser session by crafting a malicious link and...