Recent Advisories

Severity ID Title Vendor Product Date Type
HIGH 7.3 PACKETSTORM:223224

📄 Craft CMS 5.9.5 Missing Authorization / Authentication Bypass_PACKETSTORM:223224

This script is an assessment and exploitation framework targeting a missing authorization vulnerability in affected versions of Craft CMS that may ...

N/A N/A PACKETSTORM
CRITICAL 9.8 PACKETSTORM:223236

📄 Drupal core 10.5.5 JSON:API PostgreSQL Error-Based SQL Injection_PACKETSTORM:223236

This code demonstrates a research-oriented implementation targeting a reported SQL injection condition in Drupal JSON:API endpoints backed by Postg...

N/A N/A PACKETSTORM
NONE PACKETSTORM:223240

📄 FIFOFox: Windows Named-Pipe Weak Permission and Access Control Validation_PACKETSTORM:223240

This C-based framework analyzes Windows named pipes for insecure permission configurations and weak access controls that could introduce privilege ...

N/A N/A PACKETSTORM
HIGH 7.3 PACKETSTORM:223138

📄 IO-Compress 2.219 Eval Injection_PACKETSTORM:223138

An eval injection vulnerability in File::GlobMapper::getFiles allows any attacker who can control the output fileglob argument passed to IO::Compre...

N/A N/A PACKETSTORM
HIGH 8.5 PACKETSTORM:223093

📄 Chatwoot 4.11.1 SQL Injection_PACKETSTORM:223093

This Metasploit module targets an authenticated SQL injection vulnerability in the conversation filtering functionality of Chatwoot instances up to...

N/A N/A PACKETSTORM
CRITICAL 10 PACKETSTORM:223077

📄 UniFi Network 9.0.118 Path Traversal / File Disclosure_PACKETSTORM:223077

UniFi Network version 9.0.118 suffers from a path traversal vulnerability that can lead to arbitrary file disclosure...

N/A N/A PACKETSTORM
HIGH 7.2 PACKETSTORM:222804

📄 Lyrion Music Server 9.2.0 server.log Persistent Cross Site Scripting_PACKETSTORM:222804

The log viewer in Lyrion Music Server version 9.2.0 reflects request parameters and raw log content into HTML with no escaping. Any attacker-provid...

N/A N/A PACKETSTORM
HIGH 8.7 PACKETSTORM:222811

📄 Lyrion Music Server 9.2.0 Path Traversal / File Read_PACKETSTORM:222811

Lyrion Music Server version 9.2.0 suffers from a directory traversal vulnerability. Exploiting this issue will allow an unauthenticated attacker to...

N/A N/A PACKETSTORM
MEDIUM 6.1 PACKETSTORM:222812

📄 Lyrion Music Server 9.2.0 search Cross Site Scripting_PACKETSTORM:222812

Lyrion Music Server version 9.2.0 has advanced search parameters that are stuffed back into the page so the form keeps its values. Several free-tex...

N/A N/A PACKETSTORM
MEDIUM 6.9 PACKETSTORM:222810

📄 Lyrion Music Server 9.2.0 Arbitrary Directory Listing_PACKETSTORM:222810

Lyrion Music Server version 9.2.0 exposes a readdirectory query through both its CLI service TCP port 9090 and its HTTP JSON-RPC endpoint /jsonrpc....

N/A N/A PACKETSTORM