1079584 matches found
CVE-2026-46400
HAX CMS helps manage microsite universe with PHP or NodeJs backends. Starting in version 11.0.6 and prior to version 25.0.0, the file upload functionality in HAXCMS PHP only validates file extensions using a regex pattern without checking the actual file content or MIME type. This allows attacker...
MINI-9J34-WMQ5-QX94
Bulletin has no description...
ECHO-B5F1-63A7-4F7C
Bulletin has no description...
Exploit for Authentication Bypass Using an Alternate Path or Channel in Sangoma Freepbx
FreePBX 16 — Unauthenticated SQLi to RCE Proof-of-concept exp...
Exploit for Authentication Bypass Using an Alternate Path or Channel in Sangoma Freepbx
CVE-2025-57819 — FreePBX Unauthenticated SQLi → RCE One-shot...
Malicious code in uhd-setup (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 358eee34aaba61eaa93e977d35a18f35f59a56527d7c20b6e9a0bdf9c4a0a8da The OpenSSF Package Analysis project identified 'uhd-setup' @ 99.0.0 npm as malicious. It is considered malicious because: - The package...
CVE-2026-11334
A vulnerability was detected in tittuvarghese CollegeManagementSystem 3e476335cfbfb9a049e09f474c7ec885f69a9df3/a38852979f7e27ae67b610dce5979500ef8ebe01. This affects an unknown function of the file dashboardpage/forms/fetch.php. Performing a manipulation of the argument departmentcode results in...
CVE-2026-46394
HAX CMS helps manage microsite universe with PHP or NodeJs backends. Prior to version 26.0.0, an OS command injection vulnerability exists in the Git.php library of the HAXcms PHP backend. The application constructs shell command strings using unsanitized input and executes them via procopen. An...
CVE-2026-49493
Markdown Preview Enhanced before 0.8.28 parses Bitfield fenced code blocks with interpretJS, which evaluates the block content as code via vm.runInNewContext, allowing arbitrary code execution. A crafted markdown document containing a malicious bitfield code block executes attacker-controlled cod...
CVE-2026-5411
The WP Captcha PRO the premium version of the Advanced Google reCAPTCHA plugin, both have the same slug plugin for WordPress is vulnerable to arbitrary file upload in all versions up to, and including, 5.38. This is due to a capability check in the saveajax function of the licensing module,...
CVE-2026-46399
HAX CMS helps manage microsite universe with PHP or NodeJs backends. The PHP version of HAX CMS prior to version 26.0.0 has an authenticated file overwrite vulnerability. An attacker can exploit this vulnerability to configure malicious Git filter commands and achieve code execution on the HAX CM...
zero2shell-50
ZeroToShell-50 🚀 A highly curated, containerized training g...
Exploit for Classic Buffer Overflow in Tp-Link Tl-Wr940N_Firmware
CVE-2024-54887 TypeScript PoC This repository contains a Type...
MINI-QQGM-378C-CMWH
Bulletin has no description...
MINI-RF7J-R52J-PH7R
Bulletin has no description...
MINI-J4G8-Q4FH-C38C
Bulletin has no description...
offensive-claude-533
Offensive Security Research Config for Claude Code !TIP...
MINI-7M74-HJGW-RMQR
Bulletin has no description...
MINI-QF6V-99MW-3H82
Bulletin has no description...
MINI-2RM5-6J39-Q8JQ
Bulletin has no description...