21 matches found
EUVD-2025-12260
Malicious code in bioql PyPI...
EUVD-2024-47214
Malicious code in bioql PyPI...
CVE-2024-6056
A vulnerability was found in nasirkhan Laravel Starter up to 11.8.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /forgot-password of the component Password Reset Handler. The manipulation of the argument Email leads to observable response...
Cross-site Scripting (XSS)
Laravel Starter is vulnerable to Cross-Site Scripting XSS. The vulnerability is due to insufficient input sanitization that allowing users to inject malicious JavaScript code into the tag name field...
CVE-2025-26159
Laravel Starter 11.11.0 is vulnerable to Cross Site Scripting XSS in the tags feature. Any user with the ability of create or modify tags can inject malicious JavaScript code in the name field...
GHSA-FPX3-H2PC-88VF Laravel Starter Cross Site Scripting (XSS)
Laravel Starter 11.11.0 is vulnerable to Cross Site Scripting XSS in the tags feature. Any user with the ability of create or modify tags can inject malicious JavaScript code in the name field...
Cross-site Scripting (XSS)
Overview nasirkhan/laravel-starter is a CMS like modular Laravel starter project. Affected versions of this package are vulnerable to Cross-site Scripting XSS through the tags feature. An attacker can inject malicious JavaScript code by creating or modifying tags with a crafted name. Details...
Laravel Starter Cross Site Scripting (XSS)
Laravel Starter 11.11.0 is vulnerable to Cross Site Scripting XSS in the tags feature. Any user with the ability of create or modify tags can inject malicious JavaScript code in the name field...
CVE-2025-26159
Laravel Starter 11.11.0 is vulnerable to Cross Site Scripting XSS in the tags feature. Any user with the ability of create or modify tags can inject malicious JavaScript code in the name field...
CVE-2025-26159
Laravel Starter 11.11.0 is vulnerable to Cross Site Scripting XSS in the tags feature. Any user with the ability of create or modify tags can inject malicious JavaScript code in the name field...
Laravel Starter 安全漏洞
Laravel Starter is a simple starter project based on Laravel 11.x by Nasir Khan Saikat Individual Developer. A security vulnerability exists in Laravel Starter version 11.11.0, which stems from insufficient handling of inputs in the name field in the labeling feature and could lead to a cross-sit...
CVE-2025-26159
Laravel Starter 11.11.0 is vulnerable to Cross Site Scripting XSS in the tags feature. Any user with the ability of create or modify tags can inject malicious JavaScript code in the name field...
CVE-2025-26159
Laravel Starter 11.11.0 is vulnerable to Cross Site Scripting XSS in the tags feature. Any user with the ability of create or modify tags can inject malicious JavaScript code in the name field...
PT-2025-17590 · Unknown · Laravel Starter
Name of the Vulnerable Software and Affected Versions: Laravel Starter version 11.11.0 Description: The issue concerns Cross Site Scripting XSS in the tags feature. Users who can create or modify tags can inject malicious JavaScript code into the name field. Recommendations: For Laravel Starter...
CVE-2025-26159
CVE-2025-26159 affects Laravel Starter 11.11.0. The vulnerability is an XSS in the tags feature where any user who can create or modify tags can inject malicious JavaScript into the name field. The exact root cause and affected components are described in the connected documents as an XSS issue i...
CVE-2024-6056
A vulnerability was found in nasirkhan Laravel Starter up to 11.8.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /forgot-password of the component Password Reset Handler. The manipulation of the argument Email leads to observable response...
CVE-2024-6056
A vulnerability was found in nasirkhan Laravel Starter up to 11.8.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /forgot-password of the component Password Reset Handler. The manipulation of the argument Email leads to observable response...
CVE-2024-6056 nasirkhan Laravel Starter Password Reset forgot-password observable response discrepancy
A vulnerability was found in nasirkhan Laravel Starter up to 11.8.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /forgot-password of the component Password Reset Handler. The manipulation of the argument Email leads to observable response...
CVE-2024-6056
CVE-2024-6056 affects nasirkhan Laravel Starter up to 11.8.0, targeting the Password Reset Handler’s /forgot-password endpoint. The issue arises from manipulating the Email parameter, producing observable response discrepancies. Attack may be launched remotely; the CVE notes high complexity and d...
PT-2024-37350 · Unknown · Nasirkhan Laravel Starter
Name of the Vulnerable Software and Affected Versions: nasirkhan Laravel Starter versions up to 11.8.0 Description: A vulnerability was found in the Password Reset Handler component, specifically affecting some unknown functionality of the file /forgot-password. The manipulation of the Email...