Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:14 p.m.11 views

CVE-2026-31843

The goodoneuz/pay-uz Laravel package = 2.2.24 contains a critical vulnerability in the /payment/api/editable/update endpoint that allows unauthenticated attackers to overwrite existing PHP payment hook files. The endpoint is exposed via Route::any without authentication middleware, enabling remot...

10CVSS6.4AI score0.01941EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/16 3:31 p.m.6 views

EUVD-2026-23225

The goodoneuz/pay-uz Laravel package = 2.2.24 contains a critical vulnerability in the /payment/api/editable/update endpoint that allows unauthenticated attackers to overwrite existing PHP payment hook files. The endpoint is exposed via Route::any without authentication middleware, enabling remot...

10CVSS6.4AI score0.01941EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/04/16 1:2 p.m.7 views

CVE-2026-31843

The goodoneuz/pay-uz Laravel package = 2.2.24 contains a critical vulnerability in the /payment/api/editable/update endpoint that allows unauthenticated attackers to overwrite existing PHP payment hook files. The endpoint is exposed via Route::any without authentication middleware, enabling remot...

10CVSS6.4AI score0.01941EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/04/16 12:0 a.m.6 views

PT-2026-33312

Name of the Vulnerable Software and Affected Versions pay-uz versions prior to 2.2.25 Description The pay-uz Laravel package contains a flaw in the '/payment/api/editable/update' endpoint. This endpoint is exposed via Route::any without authentication middleware, allowing unauthenticated remote...

10CVSS6AI score0.01941EPSS
Exploits0References14
Rows per page
Query Builder