21 matches found
EUVD-2025-17461
Malicious code in bioql PyPI...
The vulnerability of the Laravel Translation Manager PHP framework allows attackers to perform cross-site scripting attacks.
The vulnerability of the Laravel Translation Manager PHP framework is related to the lack of security measures for handling web page structures. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...
CVE-2025-49130
Laravel Translation Manager is a package to manage Laravel translation files. Prior to version 0.6.8, the application is vulnerable to Cross-Site Scripting (XSS) attacks due to incorrect input validation and sanitization of user-input data. An attacker can inject arbitrary HTML code, including...
Cross-site Scripting (XSS)
Overview: Affected versions of this package are vulnerable to Cross-site Scripting (XSS) due to the collector, which does not properly sanitize user input. An attacker can execute arbitrary script code within the context of a user's browser, enabling them to hijack sessions, exfiltrate sensitive...
CVE-2025-49130
Laravel Translation Manager is a package to manage Laravel translation files. Prior to version 0.6.8, the application is vulnerable to Cross-Site Scripting (XSS) attacks due to incorrect input validation and sanitization of user-input data. An attacker can inject arbitrary HTML code, including...
CVE-2025-49130
Laravel Translation Manager (a Laravel package) is vulnerable to stored XSS prior to version 0.6.8 due to incorrect input validation and sanitization of user input. An attacker with access to the translation manager can inject arbitrary HTML/JavaScript into a page rendered to authenticated users,...
CVE-2025-49130 Laravel Translation Manager Vulnerable to Stored Cross-site Scripting
Laravel Translation Manager is a package to manage Laravel translation files. Prior to version 0.6.8, the application is vulnerable to Cross-Site Scripting (XSS) attacks due to incorrect input validation and sanitization of user-input data. An attacker can inject arbitrary HTML code, including...
CVE-2025-49130 Laravel Translation Manager Vulnerable to Stored Cross-site Scripting
Laravel Translation Manager is a package to manage Laravel translation files. Prior to version 0.6.8, the application is vulnerable to Cross-Site Scripting (XSS) attacks due to incorrect input validation and sanitization of user-input data. An attacker can inject arbitrary HTML code, including...
CVE-2025-49130 Laravel Translation Manager Vulnerable to Stored Cross-site Scripting
Laravel Translation Manager is a package to manage Laravel translation files. Prior to version 0.6.8, the application is vulnerable to Cross-Site Scripting (XSS) attacks due to incorrect input validation and sanitization of user-input data. An attacker can inject arbitrary HTML code, including...
laravel-translation-manager Cross-Site Scripting Vulnerability
laravel-translation-manager is a package by the individual developer barryvdh for managing Laravel translation files. A cross-site scripting vulnerability exists in laravel-translation-manager versions prior to 0.6.8, which stems from improper input validation and sanitization, and could lead to cross-site scripting...
FreeScout Security Bypass Vulnerability (CNVD-2025-20798)
FreeScout is an ultra-lightweight free open source helpdesk and shared inbox built using PHP Laravel framework by FreeScout. FreeScout suffers from a security bypass vulnerability that is caused by improper input validation of the laravel translation manager package. An attacker can exploit the...
CVE-2025-48479
FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.180, the laravel-translation-manager package does not correctly validate user input, enabling the deletion of any directory, given sufficient access rights. This issue has been patched in version 1.8.180...
CVE-2025-48479 FreeScout Has Business Logic Errors
FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.180, the laravel-translation-manager package does not correctly validate user input, enabling the deletion of any directory, given sufficient access rights. This issue has been patched in version 1.8.180...
CVE-2025-48479
CVE-2025-48479 affects FreeScout (self-hosted help desk) via the laravel-translation-manager package. The issue arises from improper validation of user input, enabling deletion of arbitrary directories when the attacker has sufficient access rights. The vulnerability is addressed in FreeScout ver...
CVE-2025-48479 FreeScout Has Business Logic Errors
FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.180, the laravel-translation-manager package does not correctly validate user input, enabling the deletion of any directory, given sufficient access rights. This issue has been patched in version 1.8.180...
FreeScout Security Vulnerability
FreeScout is an ultra-lightweight free open source helpdesk and shared inbox built using PHP Laravel framework by FreeScout. FreeScout suffers from a security bypass vulnerability that is caused by improper input validation of the laravel translation manager package. An attacker can exploit the...
PT-2025-24437 · Unknown · Laravel Translation Manager
Name of the Vulnerable Software and Affected Versions: Laravel Translation Manager versions prior to 0.6.8. Description: The application is vulnerable to Cross-Site Scripting (XSS) attacks due to incorrect input validation and sanitization of user-input data. An attacker can inject arbitrary HTML...
PT-2025-23245 · Unknown +1 · Laravel Translation Manager +1
Name of the Vulnerable Software and Affected Versions: FreeScout versions prior to 1.8.180. Description: The issue concerns the laravel-translation-manager package in FreeScout, which does not correctly validate user input. This enables the deletion of any directory, given sufficient access rights...
GHSA-3FVF-2GP4-89WQ Possibility for Denial of Service by overwriting PHP files with language exports
Impact: Laravel Translation Manager didn't check the locale name, which allowed directory traversal when exporting files. The content would be a PHP file returning an array of translations, but this could lead to unexpected results, like denial of service. Access to the Laravel Translation Manager...
Possibility for Denial of Service by overwriting PHP files with language exports
Impact: Laravel Translation Manager didn't check the locale name, which allowed directory traversal when exporting files. The content would be a PHP file returning an array of translations, but this could lead to unexpected results, like denial of service. Access to the Laravel Translation Manager...