CVE-2025-26159
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2025-26159
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Laravel Starter 11.11.0 is vulnerable to Cross Site Scripting (XSS) in the tags feature. Any user with the ability of create or modify tags can inject malicious JavaScript code in the name field.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Laravel Starter 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Laravel Starter是Nasir Khan Saikat个人开发者的一个基于 Laravel 11.x 的简单入门项目。 Laravel Starter 11.11.0版本存在安全漏洞,该漏洞源于标签功能中对名称字段的输入处理不足,可能导致跨站脚本攻击。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2025-26159
| # | POC Description | Source Link | Shenlong Link |
|---|---|---|---|
| 1 | This script decodes, filters, and extracts cookies as part of the exploitation of CVE-2025-26159. | https://github.com/godBADTRY/CVE-2025-26159 | POC Details |
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2025-26159
请登录查看更多情报信息。
Same Patch Batch · n/a · 2025-04-22 · 37 CVEs total
| CVE-2025-43951 | LabVantage Solutions LIMS 安全漏洞 | |
| CVE-2025-29547 | Horizon DataSys Rollback Rx Pro 安全漏洞 | |
| CVE-2025-29743 | D-Link DIR-816 A2 安全漏洞 | |
| CVE-2025-29339 | Open5GS 安全漏洞 | |
| CVE-2025-29621 | RosarioSIS 安全漏洞 | |
| CVE-2025-43946 | TCPWave DDI 安全漏洞 | |
| CVE-2025-43950 | DPMA direktPro 安全漏洞 | |
| CVE-2025-43948 | Codemers KLIMS 安全漏洞 | |
| CVE-2025-43949 | Mensch und Maschine MuM MapEdit 安全漏洞 | |
| CVE-2025-28030 | TOTOLINK A810R 安全漏洞 | |
| CVE-2025-43952 | METTLER TOLEDO FreeWeight.Net 安全漏洞 | |
| CVE-2025-43947 | Codemers KLIMS 安全漏洞 | |
| CVE-2024-40446 | MimeTeX 安全漏洞 | |
| CVE-2024-40445 | MimeTeX 安全漏洞 | |
| CVE-2024-33452 | OpenResty lua-nginx-module 安全漏洞 | |
| CVE-2024-46546 | NEXTU FLATA AX1500 安全漏洞 | |
| CVE-2024-53569 | Personal Management System 安全漏洞 | |
| CVE-2024-53568 | Personal Management System 安全漏洞 | |
| CVE-2025-28033 | TOTOLINK多款产品 安全漏洞 | |
| CVE-2023-44755 | Open Source SACCO Management System 安全漏洞 |
Showing top 20 of 37 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
V. Comments for CVE-2025-26159
No comments yet