Lucene search
K

21 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-12260

Malicious code in bioql PyPI...

6.1CVSS6.3AI score0.00256EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.12 views

EUVD-2024-47214

Malicious code in bioql PyPI...

6.3CVSS4.8AI score0.0065EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2025/05/23 8:1 a.m.10 views

CVE-2024-6056

A vulnerability was found in nasirkhan Laravel Starter up to 11.8.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /forgot-password of the component Password Reset Handler. The manipulation of the argument Email leads to observable response...

6.3CVSS6.7AI score0.0065EPSS
Exploits1References1
Veracode
Veracode
added 2025/04/28 7:30 a.m.6 views

Cross-site Scripting (XSS)

Laravel Starter is vulnerable to Cross-Site Scripting XSS. The vulnerability is due to insufficient input sanitization that allowing users to inject malicious JavaScript code into the tag name field...

6.1CVSS6.2AI score0.00256EPSS
Exploits0References3Affected Software1
RedhatCVE
RedhatCVE
added 2025/04/26 4:58 a.m.18 views

CVE-2025-26159

Laravel Starter 11.11.0 is vulnerable to Cross Site Scripting XSS in the tags feature. Any user with the ability of create or modify tags can inject malicious JavaScript code in the name field...

6.1CVSS6AI score0.00256EPSS
Exploits0References1
OSV
OSV
added 2025/04/22 9:30 p.m.11 views

GHSA-FPX3-H2PC-88VF Laravel Starter Cross Site Scripting (XSS)

Laravel Starter 11.11.0 is vulnerable to Cross Site Scripting XSS in the tags feature. Any user with the ability of create or modify tags can inject malicious JavaScript code in the name field...

6.1CVSS6AI score0.00256EPSS
Exploits0References3
Snyk
Snyk
added 2025/04/22 9:30 p.m.1 views

Cross-site Scripting (XSS)

Overview nasirkhan/laravel-starter is a CMS like modular Laravel starter project. Affected versions of this package are vulnerable to Cross-site Scripting XSS through the tags feature. An attacker can inject malicious JavaScript code by creating or modifying tags with a crafted name. Details...

6.1CVSS5.2AI score0.00256EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2025/04/22 9:30 p.m.19 views

Laravel Starter Cross Site Scripting (XSS)

Laravel Starter 11.11.0 is vulnerable to Cross Site Scripting XSS in the tags feature. Any user with the ability of create or modify tags can inject malicious JavaScript code in the name field...

6.1CVSS6AI score0.00256EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2025/04/22 8:15 p.m.18 views

CVE-2025-26159

Laravel Starter 11.11.0 is vulnerable to Cross Site Scripting XSS in the tags feature. Any user with the ability of create or modify tags can inject malicious JavaScript code in the name field...

6.1CVSS0.00256EPSS
Exploits0References2
OSV
OSV
added 2025/04/22 8:15 p.m.5 views

CVE-2025-26159

Laravel Starter 11.11.0 is vulnerable to Cross Site Scripting XSS in the tags feature. Any user with the ability of create or modify tags can inject malicious JavaScript code in the name field...

6.1CVSS5.8AI score0.00256EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/04/22 12:0 a.m.6 views

Laravel Starter 安全漏洞

Laravel Starter is a simple starter project based on Laravel 11.x by Nasir Khan Saikat Individual Developer. A security vulnerability exists in Laravel Starter version 11.11.0, which stems from insufficient handling of inputs in the name field in the labeling feature and could lead to a cross-sit...

6.1CVSS5.8AI score0.00256EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/04/22 12:0 a.m.5 views

CVE-2025-26159

Laravel Starter 11.11.0 is vulnerable to Cross Site Scripting XSS in the tags feature. Any user with the ability of create or modify tags can inject malicious JavaScript code in the name field...

6.2AI score0.00256EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/04/22 12:0 a.m.13 views

CVE-2025-26159

Laravel Starter 11.11.0 is vulnerable to Cross Site Scripting XSS in the tags feature. Any user with the ability of create or modify tags can inject malicious JavaScript code in the name field...

0.00256EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/04/22 12:0 a.m.7 views

PT-2025-17590 · Unknown · Laravel Starter

Name of the Vulnerable Software and Affected Versions: Laravel Starter version 11.11.0 Description: The issue concerns Cross Site Scripting XSS in the tags feature. Users who can create or modify tags can inject malicious JavaScript code into the name field. Recommendations: For Laravel Starter...

6.1CVSS5.1AI score0.00256EPSS
Exploits0References8
CVE
CVE
added 2025/04/22 12:0 a.m.86 views

CVE-2025-26159

CVE-2025-26159 affects Laravel Starter 11.11.0. The vulnerability is an XSS in the tags feature where any user who can create or modify tags can inject malicious JavaScript into the name field. The exact root cause and affected components are described in the connected documents as an XSS issue i...

6.1CVSS5.8AI score0.00256EPSS
Exploits0References2
NVD
NVD
added 2024/06/17 6:15 p.m.43 views

CVE-2024-6056

A vulnerability was found in nasirkhan Laravel Starter up to 11.8.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /forgot-password of the component Password Reset Handler. The manipulation of the argument Email leads to observable response...

6.3CVSS0.0065EPSS
Exploits1References4
OSV
OSV
added 2024/06/17 6:15 p.m.1 views

CVE-2024-6056

A vulnerability was found in nasirkhan Laravel Starter up to 11.8.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /forgot-password of the component Password Reset Handler. The manipulation of the argument Email leads to observable response...

5.3CVSS4.3AI score
Exploits0References4
Cvelist
Cvelist
added 2024/06/17 5:31 p.m.37 views

CVE-2024-6056 nasirkhan Laravel Starter Password Reset forgot-password observable response discrepancy

A vulnerability was found in nasirkhan Laravel Starter up to 11.8.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /forgot-password of the component Password Reset Handler. The manipulation of the argument Email leads to observable response...

6.3CVSS0.0065EPSS
Exploits1References4
CVE
CVE
added 2024/06/17 5:31 p.m.57 views

CVE-2024-6056

CVE-2024-6056 affects nasirkhan Laravel Starter up to 11.8.0, targeting the Password Reset Handler’s /forgot-password endpoint. The issue arises from manipulating the Email parameter, producing observable response discrepancies. Attack may be launched remotely; the CVE notes high complexity and d...

6.3CVSS4.3AI score0.0065EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 2024/06/17 12:0 a.m.8 views

PT-2024-37350 · Unknown · Nasirkhan Laravel Starter

Name of the Vulnerable Software and Affected Versions: nasirkhan Laravel Starter versions up to 11.8.0 Description: A vulnerability was found in the Password Reset Handler component, specifically affecting some unknown functionality of the file /forgot-password. The manipulation of the Email...

6.3CVSS7AI score0.0065EPSS
Exploits1References6
Rows per page
Query Builder