deephas 1.0.7 - Prototype Pollution

Exploit Title: deephas 1.0.7 - Prototype Pollution Google Dork: N/A Date: 2026-02-01 Exploit Author: Mohammed Idrees Banyamer Author Country: Jordan Instagram: @banyamersecurity Vendor Homepage: https://www.npmjs.com/package/deephas Software Link: https://github.com/sharpred/deepHas Version: =...

Exploit for Cross-site Scripting in Churchcrm

CVE-2025-67875: ChurchCRM has stored XSS via Person Property A...

CVE-2025-57347

A vulnerability exists in the 'dagre-d3-es' Node.js package version 7.0.9, specifically within the 'bk' module's addConflict function, which fails to properly sanitize user-supplied input during property assignment operations. This flaw allows attackers to exploit prototype pollution...

Prototype Pollution

js-object-utilities is vulnerable to Prototype Pollution. The vulnerability is due to unsanitized property assignment due to the lib.set function allowing attackers to modify the global prototype chain using crafted payloads...

CVE-2022-21824

Due to the formatting logic of the "console.table" function it was not safe to allow user controlled input to be passed to the "properties" parameter while simultaneously passing a plain object with at least one property as the first parameter, which could be "proto". The prototype pollution has...