Lucene search
K

17 matches found

Packet Storm
Packet Storm
added 2025/12/18 12:0 a.m.167 views

📄 Laravel Pulse 1.3.1 Arbitrary Code Injection

Proof of concept exploit written in PHP for Laravel Pulse version 1.3.1. This version of Laravel Pulse suffers from an arbitrary code injection vulnerability...

8.8CVSS7.7AI score0.28571EPSS
Exploits3
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2024-3450

Malicious code in bioql PyPI...

8.8CVSS6.3AI score0.28571EPSS
Exploits3References4
Exploit DB
Exploit DB
added 2025/06/09 12:0 a.m.404 views

Laravel Pulse 1.3.1 - Arbitrary Code Injection

!/usr/bin/env python3 Exploit Title: Laravel Pulse 1.3.1 - Arbitrary Code Injection Author: Mohammed Idrees Banyamer @banyamersecurity GitHub: https://github.com/mbanyamer Date: 2025-06-06 Tested on: Laravel Pulse v1.2.0 / Ubuntu 22.04 / Apache2 CVE: CVE-2024-55661 Type: Remote Code Execution via...

8.8CVSS8.8AI score0.28571EPSS
Exploits3
RedhatCVE
RedhatCVE
added 2025/05/23 7:41 a.m.12 views

CVE-2024-55661

Laravel Pulse is a real-time application performance monitoring tool and dashboard for Laravel applications. A vulnerability has been discovered in Laravel Pulse prior to version 1.3.1 that could allow remote code execution through the public remember method in the...

8.8CVSS8AI score0.28571EPSS
Exploits3References1
BDU FSTEC
BDU FSTEC
added 2025/01/21 12:0 a.m.6 views

The vulnerability of the remember() function in the Laravel Pulse performance monitoring and application usage analysis tool allows a hacker to execute arbitrary code.

The vulnerability of the remember function in the Laravel Pulse performance monitoring and application usage analysis tool is related to improper code generation. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

10CVSS6AI score0.28571EPSS
Exploits3References3Affected Software1
Veracode
Veracode
added 2024/12/16 5:55 a.m.18 views

Remote Code Execution (RCE)

laravel/pulse is vulnerable to Remote Code Execution RCE. The vulnerability is due to insufficient input validation in the remember method of the Laravel\Pulse\Livewire\Concerns\RemembersQueries trait, allows arbitrary callables to be executed without properly validating their parameters or...

8.8CVSS8.2AI score0.28571EPSS
Exploits3References3Affected Software1
Snyk
Snyk
added 2024/12/13 8:35 p.m.8 views

Arbitrary Code Injection

Overview Affected versions of this package are vulnerable to Arbitrary Code Injection via the remember method of the RemembersQueries trait. An attacker can execute arbitrary code by invoking any function or static method where the callable has no parameters or lacks strict parameter types. PoC...

8.8CVSS7.9AI score0.28571EPSS
Exploits3References2
Github Security Blog
Github Security Blog
added 2024/12/13 8:35 p.m.22 views

Laravel Pulse Allows Remote Code Execution via Unprotected Query Method

A vulnerability has been discovered in Laravel Pulse that could allow remote code execution through the public remember method in the Laravel\Pulse\Livewire\Concerns\RemembersQueries trait. This method is accessible via Livewire components and can be exploited to call arbitrary callables within t...

8.8CVSS8.9AI score0.28571EPSS
Exploits3References4Affected Software1
OSV
OSV
added 2024/12/13 8:35 p.m.15 views

GHSA-8VWH-PR89-4MW2 Laravel Pulse Allows Remote Code Execution via Unprotected Query Method

A vulnerability has been discovered in Laravel Pulse that could allow remote code execution through the public remember method in the Laravel\Pulse\Livewire\Concerns\RemembersQueries trait. This method is accessible via Livewire components and can be exploited to call arbitrary callables within t...

8.7CVSS8.9AI score0.28571EPSS
Exploits3References4
NVD
NVD
added 2024/12/13 4:15 p.m.17 views

CVE-2024-55661

Laravel Pulse is a real-time application performance monitoring tool and dashboard for Laravel applications. A vulnerability has been discovered in Laravel Pulse prior to version 1.3.1 that could allow remote code execution through the public remember method in the...

8.8CVSS0.28571EPSS
Exploits3References2
CVE
CVE
added 2024/12/13 4:4 p.m.92 views

CVE-2024-55661

CVE-2024-55661 affects Laravel Pulse prior to 1.3.1. The vulnerability is triggered via the remember(callable $query, string $key = '') method in Laravel\Pulse\Livewire\Concerns\RemembersQueries, which allows an authenticated dashboard user to invoke arbitrary callables (functions or static metho...

8.8CVSS7.7AI score0.28571EPSS
Exploits3References2Affected Software1
Cvelist
Cvelist
added 2024/12/13 4:4 p.m.22 views

CVE-2024-55661 Laravel Pulse Allows Remote Code Execution via Unprotected Query Method

Laravel Pulse is a real-time application performance monitoring tool and dashboard for Laravel applications. A vulnerability has been discovered in Laravel Pulse prior to version 1.3.1 that could allow remote code execution through the public remember method in the...

8.7CVSS0.28571EPSS
Exploits3References2
Vulnrichment
Vulnrichment
added 2024/12/13 4:4 p.m.21 views

CVE-2024-55661 Laravel Pulse Allows Remote Code Execution via Unprotected Query Method

Laravel Pulse is a real-time application performance monitoring tool and dashboard for Laravel applications. A vulnerability has been discovered in Laravel Pulse prior to version 1.3.1 that could allow remote code execution through the public remember method in the...

8.7CVSS8.1AI score0.28571EPSS
Exploits3References2
OSV
OSV
added 2024/12/13 4:4 p.m.13 views

CVE-2024-55661 Laravel Pulse Allows Remote Code Execution via Unprotected Query Method

Laravel Pulse is a real-time application performance monitoring tool and dashboard for Laravel applications. A vulnerability has been discovered in Laravel Pulse prior to version 1.3.1 that could allow remote code execution through the public remember method in the...

8.7CVSS8.2AI score0.28571EPSS
Exploits3References4
CNNVD
CNNVD
added 2024/12/13 12:0 a.m.7 views

Laravel Pulse 安全漏洞

Laravel Pulse is an open source real-time application performance monitoring tool and dashboard for Laravel applications from The Laravel Framework. A security vulnerability exists in Laravel Pulse versions prior to 1.3.1, which stems from vulnerability to a remote code execution attack that can ...

8.8CVSS7.7AI score0.28571EPSS
Exploits3References3
Positive Technologies
Positive Technologies
added 2024/10/12 12:0 a.m.7 views

PT-2024-10192 · Laravel · Laravel Pulse

Name of the Vulnerable Software and Affected Versions: Laravel Pulse versions prior to 1.3.1 Description: Laravel Pulse is a real-time application performance monitoring tool and dashboard for Laravel applications. A vulnerability exists in the public remember method within the...

9.3CVSS7.5AI score0.28571EPSS
Exploits3References20
Tenable Nessus
Tenable Nessus
added 2024/09/03 12:0 a.m.9 views

Laravel Pulse Unrestricted Access

Laravel Pulse is a Laravel package that provides information about application performance. If an attacker gains access to this dashboard, he can retrieve sensitive information, notably from stack traces or endpoints. No source data...

6.8AI score
Exploits0References3
Rows per page
Query Builder