Remote Code Execution (RCE)

livewire/livewire is vulnerable to Remote Code Execution RCE. The vulnerability is due to improper handling of component property hydration caused by insecure logic in how certain component properties are updated, allowing unauthenticated attackers to execute commands in specific configurations...

CVE-2025-54068

Livewire is a full-stack framework for Laravel. In Livewire v3 up to and including v3.6.3, a vulnerability allows unauthenticated attackers to achieve remote command execution in specific scenarios. The issue stems from how certain component property updates are hydrated. This vulnerability is...

CVE-2025-54068

Livewire is a full-stack framework for Laravel. In Livewire v3 up to and including v3.6.3, a vulnerability allows unauthenticated attackers to achieve remote command execution in specific scenarios. The issue stems from how certain component property updates are hydrated. This vulnerability is...

Joomla! Component JExtensions Property Finder - 'sf_id' SQL Injection

source: https://www.securityfocus.com/bid/45333/info JExtensions Property Finder is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application,...