CVE-2026-44547

ChurchCRM is an open-source church management system. From 7.2.0 to 7.2.2, The fix for CVE-2026-4058 is incomplete. The hardening commit was merged and then silently stripped from src/api/routes/public/public-user.php by an unrelated PR before any 7.2.x tag was cut. Every shipped 7.2.x release...

CIFSwitch

CIFSwitch CVE-2026-46243 Writeuphttps://heyitsas.im/post...

Exploit for OS Command Injection in Nestjs Devtools-Integration

PoC exploit for CVE-2025-54782, a vulnerability in an unspecifie...

Exploit for Path Traversal in Mikrotik Routeros

This is a PoC exploit for CVE-2018-14847, a vulnerability in RouterOS. The repository contains a simple implementation of a Winbox server, which is a protocol used to manage RouterOS devices. The server accepts a single Winbox message, parses it, and responds with a message indicating insufficien...

Exploit for CVE-2025-54914

This is a PoC exploit for CVE-2025-54914, a vulnerability in a s...

Exploit for CVE-2025-7766

CVE-2025-7766 PoC Exploit PoC for exploiting XML External Ent...

Exploit for CVE-2025-38089

Overview Proof-of-Concept exploit for NFSundown CVE-2025-3808...

Exploit for Improper Access Control in Microsoft

CVE-2025-33073 PoC Exploit for the NTLM reflection SMB flaw...

Exploit for Uncontrolled Resource Consumption in Ietf Http

PoC - CVE-2023-44487: HTTP/2 Rapid Reset Attack Este reposito...

Exploit for CVE-2025-29927

CVE-2025-29927-PoC-Exploit Proof-of-Concept for Authorization...

Exploit for CVE-2024-7014

PoC for-CVE-2024-7014 Exploit Proof of concept for the CVE-202...

POC Exploit Code Released for Apache HugeGraph RCE Vulnerability

...

Exploit for SQL Injection in Valvepress Automatic

MASS-CVE-2024-27956-RCE A PoC for CVE-2024-27956, a SQL Inject...

CISA Warns of Actively Exploited D-Link Router Vulnerabilities - Patch Now

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Thursday added two security flaws impacting D-Link routers to its Known Exploited Vulnerabilities KEV catalog, based on evidence of active exploitation. The list of vulnerabilities is as follows - CVE-2014-100005 - A cross-site...

Exploit for Path Traversal in Igniterealtime Openfire

CVE-2023-32315 - Openfire Authentication Bypass This reposito...

DLINK DPH-400SE - Exposure of Sensitive Information

Exploit Title : DLINK DPH-400SE - Exposure of Sensitive Information Date : 25-08-2023 Exploit Author : tahaafarooq Vendor Homepage : https://dlink.com/ Version : FRU2.2.15.8 Tested on: DLINK DPH-400SE VoIP Phone Description: With default credential for the guest user "guest:guest" to login on the...

Exploit for Path Traversal in Apache Http_Server

🚨 CVE-2021-42013 - Apache 2.4.49 & 2.4.50 Remote Code Executio...

Researchers Uncover New Exploit for PaperCut Vulnerability That Can Bypass Detection

Cybersecurity researchers have found a way to exploit a recently disclosed critical flaw in PaperCut servers in a manner that bypasses all current detections. Tracked as CVE-2023-27350 CVSS score: 9.8, the issue affects PaperCut MF and NG installations that could be exploited by an unauthenticate...

Russian Hackers Suspected in Ongoing Exploitation of Unpatched PaperCut Servers

Print management software provider PaperCut said that it has "evidence to suggest that unpatched servers are being exploited in the wild," citing two vulnerability reports from cybersecurity company Trend Micro. "PaperCut has conducted analysis on all customer reports, and the earliest signature ...

NVFLARE < 2.1.4 - Unsafe Deserialization due to Pickle

Exploit Title: NVFLARE 2.1.4 - Unsafe Deserialization due to Pickle Exploit Author: Elias Hohl Google Dork: N/A Date: 2022-06-21 Vendor Homepage: https://www.nvidia.com Software Link: https://github.com/NVIDIA/NVFlare Version: 2.1.4 Tested on: Ubuntu 20.04 CVE : CVE-2022-34668...