Questions tagged [laravel]
Laravel is a PHP framework.
22 questions
-1 votes, 1 answer, 60 views
(Web App Hardening) Modern Laravel Car Rental Application Security Advice for CRUD Structure of Sensitive Documents [closed]
I am finalizing the security architecture for a new Laravel car rental platform that must store highly sensitive personally identifiable information (PII), specifically driver's licenses.
My primary ...
0 votes, 1 answer, 120 views
Is my approach to SSH-based addon installation via PHP backend secure?
I’ve developed a web interface that allows users to install or remove specific game addons. The site is hosted with Nginx, uses PHP on the backend, and is served over HTTPS.
To perform an installation ...
3 votes, 0 answers, 844 views
Automated bot/spammer bypassing google recaptcha v2
I have a Laravel registration form with the invisible google recaptcha v2 installed with the security set to highest level within the recaptcha admin console - code as follows:
<div>
<div ...
0 votes, 1 answer, 651 views
Hidden Input prevent value changing - Laravel
So I was testing my application for some vulnerabilities and found one that I missed:
<input class="hidden" type="hidden" name="event_id" value="{{$event->id)}}&...
1 vote, 2 answers, 1k views
SQL Injection detected
I was loading my sites front end and watching the responses in burpsuite when I noticed a response which contained a very verbose sql error
"message": "SQLSTATE[22P02]: Invalid text ...
0 votes, 1 answer, 428 views
How to secure Laravel website against the ongoing massive exploitation
My website built upon Laravel is currently under attack.
Only the index.php file was changed, and by that I mean that every line of code is inserted above the original Laravel code. So this code ...
0 votes, 1 answer, 337 views
What should I worry about when attaching a token to a request manually?
I'm developing a platform that has 2 parts:
An API written using Laravel, that integrates with the database and provides data in a RESTful state.
Multiple fronts that connect to the API and perform ...
0 votes, 0 answers, 143 views
Taking html, js, css input from the user
We are building a multitenancy web app with Laravel (+Blade), each user can create a store (tenancy), and have a control panel where they can edit the store settings and styling, to edit the store ...
2 votes, 2 answers, 267 views
Is there any way an attacker can access the server and modify the site (php) code? [closed]
I recently had a breach on my site (laravel). I became aware of it after I tried to pull the code from github and found out that some files were modified.
The files modified were mostly storage - logs/...
0 votes, 2 answers, 1k views
How do I protect a Laravel backend API from hijacking/CSRF when there is a React frontend?
I'm finding it really hard to find a solution to make secure requests via our API without a potential hacker being able to see sensitive secret information via Google Chrome dev tools (or any browser'...
0 votes, 2 answers, 391 views
Security breach from contact form in Laravel 5.8.36?
The most bizarre thing happened: someone found out the SMTP mail driver credentials from a Laravel project, which are stored in the .env.
The credentials are used for a contact form. The .env was in ...
0 votes, 1 answer, 230 views
Laravel | Why create a public_html folder and link/move it?
I am using laravel on shared hosting.
Under my domain in my folder is the laravel app.
Now I see online that many people do weird stuff with the laravel public folder, they either move it to a ...
2 votes, 0 answers, 1k views
Identifying Source of Malware Attack on Laravel App
We have a Laravel 5.6.x application running as a REST backend with PHP 7 on one of our servers. The server uses CentOS with WHM/cPanel/PhpMyAdmin.
Recently that server issued a maldet warning (our ...
2 votes, 1 answer, 5k views
Missing HTTPOnly Cookie Attribute in Laravel 7 [duplicate]
I have a Laravel site, I thought I patched this issue already.
I got these in my session.php
'secure' => true,
'http_only' => true,
But OpenVAS still detected that I still need to do it.
It ...
0 votes, 1 answer, 322 views
Is it more secure if I separate VPS into WebApp/MySQL VPS & separating WebApp projects into Admin/User projects
If I want to deploy a Laravel WebApp using MySQL DB on a VPS like DigitalOcean, Vultr or similar platforms, should I separate the VPS into WebApp VPS and MySQL VPS? Is it more secure?
And what if I ...