category_exploit - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
NONE	MSF:EXPLOIT-MULTI-	ClickFix Server_MSF:EXPLOIT-MULTI-MISC-CLICKFIX_SERVER- This creates a Web Server which hosts a ClickFix type exploit. When a user visits the site they are given instructions on pasting our payload into ...	N/A	N/A	Jun 5, 2026	METASPLOIT
HIGH 7.2	PACKETSTORM:222804	📄 Lyrion Music Server 9.2.0 server.log Persistent Cross Site Scripting_PACKETSTORM:222804 The log viewer in Lyrion Music Server version 9.2.0 reflects request parameters and raw log content into HTML with no escaping. Any attacker-provid...	N/A	N/A	Jun 5, 2026	PACKETSTORM
HIGH 8.7	PACKETSTORM:222811	📄 Lyrion Music Server 9.2.0 Path Traversal / File Read_PACKETSTORM:222811 Lyrion Music Server version 9.2.0 suffers from a directory traversal vulnerability. Exploiting this issue will allow an unauthenticated attacker to...	N/A	N/A	Jun 5, 2026	PACKETSTORM
MEDIUM 6.1	PACKETSTORM:222812	📄 Lyrion Music Server 9.2.0 search Cross Site Scripting_PACKETSTORM:222812 Lyrion Music Server version 9.2.0 has advanced search parameters that are stuffed back into the page so the form keeps its values. Several free-tex...	N/A	N/A	Jun 5, 2026	PACKETSTORM
MEDIUM 6.9	PACKETSTORM:222810	📄 Lyrion Music Server 9.2.0 Arbitrary Directory Listing_PACKETSTORM:222810 Lyrion Music Server version 9.2.0 exposes a readdirectory query through both its CLI service TCP port 9090 and its HTTP JSON-RPC endpoint /jsonrpc....	N/A	N/A	Jun 5, 2026	PACKETSTORM
HIGH 7.2	PACKETSTORM:222805	📄 Lyrion Music Server 9.2.0 metadata Persistent Cross Site Scripting_PACKETSTORM:222805 Lyrion Music Server version 9.2.0 stores media file metadata tags such as GENRE, ARTIST, and ALBUM exactly as written in the file and later renders...	N/A	N/A	Jun 5, 2026	PACKETSTORM
MEDIUM 6.1	PACKETSTORM:222802	📄 Lyrion Music Server 9.2.0 server.log Reflected Cross Site Scripting_PACKETSTORM:222802 Lyrion Music Server version 9.2.0 suffers from an unauthenticated reflected cross site scripting vulnerability through server.log endpoint abusing ...	N/A	N/A	Jun 5, 2026	PACKETSTORM
CRITICAL 9.8	0C5B2896-9AE8-	root-ctf-2026_0C5B2896-9AE8-5699-A71E-66E4257B02BF Root- CTF 2026 - Date: 2026/06/05 - Location: NTUST National Taiwan University of Science and Technology - Organizer: OffSec OSCP+ Launch in Taiwan...	N/A	N/A	Jun 5, 2026	GITHUBEXPLOIT
HIGH 7.3	PACKETSTORM:222760	📄 Craft CMS 5.9.5 Missing Authorization / Denial of Service_PACKETSTORM:222760 Craft CMS versions 5.9.5 and below suffer from a missing authorization vulnerability that can trigger an unwanted migration...	N/A	N/A	Jun 5, 2026	PACKETSTORM
HIGH 7.5	PACKETSTORM:222745	📄 WordPress Contest Gallery 28.1.4 SQL Injection_PACKETSTORM:222745 WordPress Contest Gallery plugin versions 28.1.4 and below suffer from a remote SQL injection vulnerability...	N/A	N/A	Jun 5, 2026	PACKETSTORM