17 matches found
📄 Laravel Pulse 1.3.1 Arbitrary Code Injection
Proof of concept exploit written in PHP for Laravel Pulse version 1.3.1. This version of Laravel Pulse suffers from an arbitrary code injection vulnerability...
EUVD-2024-3450
Malicious code in bioql PyPI...
Laravel Pulse 1.3.1 - Arbitrary Code Injection
!/usr/bin/env python3 Exploit Title: Laravel Pulse 1.3.1 - Arbitrary Code Injection Author: Mohammed Idrees Banyamer @banyamersecurity GitHub: https://github.com/mbanyamer Date: 2025-06-06 Tested on: Laravel Pulse v1.2.0 / Ubuntu 22.04 / Apache2 CVE: CVE-2024-55661 Type: Remote Code Execution via...
CVE-2024-55661
Laravel Pulse is a real-time application performance monitoring tool and dashboard for Laravel applications. A vulnerability has been discovered in Laravel Pulse prior to version 1.3.1 that could allow remote code execution through the public remember method in the...
The vulnerability of the remember() function in the Laravel Pulse performance monitoring and application usage analysis tool allows a hacker to execute arbitrary code.
The vulnerability of the remember function in the Laravel Pulse performance monitoring and application usage analysis tool is related to improper code generation. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...
Remote Code Execution (RCE)
laravel/pulse is vulnerable to Remote Code Execution RCE. The vulnerability is due to insufficient input validation in the remember method of the Laravel\Pulse\Livewire\Concerns\RemembersQueries trait, allows arbitrary callables to be executed without properly validating their parameters or...
Arbitrary Code Injection
Overview Affected versions of this package are vulnerable to Arbitrary Code Injection via the remember method of the RemembersQueries trait. An attacker can execute arbitrary code by invoking any function or static method where the callable has no parameters or lacks strict parameter types. PoC...
Laravel Pulse Allows Remote Code Execution via Unprotected Query Method
A vulnerability has been discovered in Laravel Pulse that could allow remote code execution through the public remember method in the Laravel\Pulse\Livewire\Concerns\RemembersQueries trait. This method is accessible via Livewire components and can be exploited to call arbitrary callables within t...
GHSA-8VWH-PR89-4MW2 Laravel Pulse Allows Remote Code Execution via Unprotected Query Method
A vulnerability has been discovered in Laravel Pulse that could allow remote code execution through the public remember method in the Laravel\Pulse\Livewire\Concerns\RemembersQueries trait. This method is accessible via Livewire components and can be exploited to call arbitrary callables within t...
CVE-2024-55661
Laravel Pulse is a real-time application performance monitoring tool and dashboard for Laravel applications. A vulnerability has been discovered in Laravel Pulse prior to version 1.3.1 that could allow remote code execution through the public remember method in the...
CVE-2024-55661
CVE-2024-55661 affects Laravel Pulse prior to 1.3.1. The vulnerability is triggered via the remember(callable $query, string $key = '') method in Laravel\Pulse\Livewire\Concerns\RemembersQueries, which allows an authenticated dashboard user to invoke arbitrary callables (functions or static metho...
CVE-2024-55661 Laravel Pulse Allows Remote Code Execution via Unprotected Query Method
Laravel Pulse is a real-time application performance monitoring tool and dashboard for Laravel applications. A vulnerability has been discovered in Laravel Pulse prior to version 1.3.1 that could allow remote code execution through the public remember method in the...
CVE-2024-55661 Laravel Pulse Allows Remote Code Execution via Unprotected Query Method
Laravel Pulse is a real-time application performance monitoring tool and dashboard for Laravel applications. A vulnerability has been discovered in Laravel Pulse prior to version 1.3.1 that could allow remote code execution through the public remember method in the...
CVE-2024-55661 Laravel Pulse Allows Remote Code Execution via Unprotected Query Method
Laravel Pulse is a real-time application performance monitoring tool and dashboard for Laravel applications. A vulnerability has been discovered in Laravel Pulse prior to version 1.3.1 that could allow remote code execution through the public remember method in the...
Laravel Pulse 安全漏洞
Laravel Pulse is an open source real-time application performance monitoring tool and dashboard for Laravel applications from The Laravel Framework. A security vulnerability exists in Laravel Pulse versions prior to 1.3.1, which stems from vulnerability to a remote code execution attack that can ...
PT-2024-10192 · Laravel · Laravel Pulse
Name of the Vulnerable Software and Affected Versions: Laravel Pulse versions prior to 1.3.1 Description: Laravel Pulse is a real-time application performance monitoring tool and dashboard for Laravel applications. A vulnerability exists in the public remember method within the...
Laravel Pulse Unrestricted Access
Laravel Pulse is a Laravel package that provides information about application performance. If an attacker gains access to this dashboard, he can retrieve sensitive information, notably from stack traces or endpoints. No source data...