metasploit - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 8.7	MSF:EXPLOIT-MULTI-	WebDAV PHP Upload_MSF:EXPLOIT-MULTI-HTTP-WEBDAV_UPLOAD_PHP- This module exploits WebDAV which also has PHP enabled, such as found on XAMPP servers. It can use do by using any supplied credentials to upload v...	N/A	N/A	Apr 21, 2026	METASPLOIT
HIGH 7.7	MSF:AUXILIARY-GATHER-	Camaleon CMS Directory Traversal CVE-2024-46987_MSF:AUXILIARY-GATHER-CAMALEON_DOWNLOAD_PRIVATE_FILE- Exploits CVE-2024-46987, an authenticated directory traversal vulnerability in Camaleon CMS versions use auxiliary/gather/camaleondownloadprivatefi...	N/A	N/A	Apr 17, 2026	METASPLOIT
NONE	MSF:PAYLOAD-LINUX-	Linux Chmod_MSF:PAYLOAD-LINUX-LOONGARCH64-CHMOD- Runs chmod on the specified file with specified mode. Module Options msf use payload/linux/loongarch64/chmod msf payloadchmod show actions ...actio...	N/A	N/A	Apr 16, 2026	METASPLOIT
CRITICAL 9.1	MSF:EXPLOIT-MULTI-	ChurchCRM Database Restore RCE 6.2.0_MSF:EXPLOIT-MULTI-HTTP-CHURCHCRM_DB_RESTORE_RCE- This module exploits a Remote Code Execution RCE vulnerability in ChurchCRM versions prior to 6.2.0. The vulnerability resides in the Database Rest...	N/A	N/A	Apr 16, 2026	METASPLOIT
NONE	MSF:EXPLOIT-WINDOWS-	Windows Persistence Bits Job_MSF:EXPLOIT-WINDOWS-PERSISTENCE-BITS- This module establishes persistence through a BITS job that downloads and executes a payload. Background Intelligent Transfer Service BITS is a Win...	N/A	N/A	Apr 15, 2026	METASPLOIT
CRITICAL 9.8	MSF:EXPLOIT-LINUX-	openDCIM install.php SQL Injection to RCE_MSF:EXPLOIT-LINUX-HTTP-OPENDCIM_INSTALL_SQLI_RCE- This module exploits a SQL injection vulnerability in openDCIM's install.php endpoint CVE-2026-28515 to achieve remote code execution. The install....	N/A	N/A	Apr 15, 2026	METASPLOIT
NONE	MSF:EXPLOIT-WINDOWS-	Powershell Profile Persistence_MSF:EXPLOIT-WINDOWS-PERSISTENCE-POWERSHELL_PROFILE- This module establishes persistence by modifying a PowerShell profile script, which is automatically executed when PowerShell starts. The module su...	N/A	N/A	Apr 15, 2026	METASPLOIT
NONE	MSF:EXPLOIT-LINUX-	Selenium Grid/Selenoid Unauthenticated RCE_MSF:EXPLOIT-LINUX-HTTP-SELENIUM_GREED_RCE- Selenium Grid and Selenoid expose a WebDriver API that allows creating browser sessions with arbitrary capabilities. When deployed without authenti...	N/A	N/A	Apr 14, 2026	METASPLOIT
CRITICAL 9.8	MSF:AUXILIARY-GATHER-	AVideo Unauthenticated SQL Injection Credential Dump_MSF:AUXILIARY-GATHER-AVIDEO_CATNAME_SQLI- AVideo use auxiliary/gather/avideocatnamesqli msf auxiliaryavideocatnamesqli show actions ...actions... msf auxiliaryavideocatnamesqli set ACTION m...	N/A	N/A	Apr 10, 2026	METASPLOIT
NONE	MSF:EXPLOIT-WINDOWS-	Windows Registry Active Setup Persistence_MSF:EXPLOIT-WINDOWS-PERSISTENCE-REGISTRY_ACTIVE_SETUP- This module will register a payload to run via the Active Setup mechanism in Windows. Active Setup is a Windows feature that runs once per user at ...	N/A	N/A	Feb 20, 2026	METASPLOIT