packetstorm - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
CRITICAL 9.3	PACKETSTORM:213735	📄 Web-Check Screenshot API Command Injection_PACKETSTORM:213735 This Metasploit module exploits a command injection vulnerability in Web-Check's /api/screenshot endpoint. The directChromiumScreenshot function us...	N/A	N/A	Jan 13, 2026	PACKETSTORM
NONE	PACKETSTORM:213714	📄 LibreChat MCP Remote Command Execution_PACKETSTORM:213714 LibreChat's Model Context Protocol MCP implementation contained a remote command execution vulnerability that allowed any authenticated user to exe...	N/A	N/A	Jan 12, 2026	PACKETSTORM
NONE	PACKETSTORM:213675	📄 Eptura Archibus Directory Traversal_PACKETSTORM:213675 In Eptura Archibus versions before version 2025.01, the "Run script" and "Server File" components of the "Database Update Wizard" are vulnerable to...	N/A	N/A	Jan 9, 2026	PACKETSTORM
HIGH 8.6	PACKETSTORM:213677	📄 Hustle Plugin 7.8.3 Hardcoded Credentials_PACKETSTORM:213677 Hustle plugin versions 7.8.3 and below contain hardcoded HubSpot API credentials in inc/providers/hubspot/hustle-hubspot-api.php...	N/A	N/A	Jan 9, 2026	PACKETSTORM
HIGH 8.8	PACKETSTORM:213630	📄 Prison Management System 1.0 Shell Upload_PACKETSTORM:213630 This Metasploit module exploits an unrestricted file upload vulnerability in Prison Management System version 1.0. An authenticated user can upload...	N/A	N/A	Jan 8, 2026	PACKETSTORM
CRITICAL 9	PACKETSTORM:213594	📄 Taiga Tribe_gig Authenticated Unserialize Remote Code Execution_PACKETSTORM:213594 This Metasploit module exploits an unserialization flaw by creating a userstory in a project...	N/A	N/A	Jan 7, 2026	PACKETSTORM
HIGH 7.5	PACKETSTORM:213574	📄 WordPress Quiz Maker 6.7.0.56 SQL Injection_PACKETSTORM:213574 WordPress Quiz Maker plugin versions 6.7.0.56 and below suffer from a remote SQL injection vulnerability...	N/A	N/A	Jan 7, 2026	PACKETSTORM
NONE	PACKETSTORM:213572	📄 mrrb.bg Cross Site Scripting_PACKETSTORM:213572 The site at mrrb.bg suffers from a cross site scripting issue. The researcher has waited over a year after reporting this to make public, so hopefu...	N/A	N/A	Jan 7, 2026	PACKETSTORM
MEDIUM 5.3	PACKETSTORM:213575	📄 WordPress Chained Quiz 1.3.5 Insecure Direct Object Reference_PACKETSTORM:213575 WordPress Chained Quiz plugin versions 1.3.5 and below appear to suffer from an insecure direct object reference. The issue was partially patched i...	N/A	N/A	Jan 7, 2026	PACKETSTORM
NONE	PACKETSTORM:213577	📄 FreeBSD rtsold 15.x Remote Code Execution_PACKETSTORM:213577 rtsold8 on FreeBSD processes IPv6 Router Advertisement DNSSL options without validating domain names for shell metacharacters. The decoded domains ...	N/A	N/A	Jan 7, 2026	PACKETSTORM