Recent Advisories

Severity ID Title Vendor Product Date Type
CRITICAL 9.1 CVE-2025-57148

CVE-2025-57148_CVE-2025-57148

phpgurukul Online Shopping Portal 2.0 is vulnerable to Arbitrary File Upload in /admin/insert-product.php, due to the lack of extension validation.

n/a n/a n/a CVE
CRITICAL 9.3 CVE-2025-55747

XWiki Platform’s configuration files can be accessed through the webjars API_CVE-2025-55747

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In versions 6.1-milestone-2 through 16.10...

xwiki xwiki-platform >= 6.1-milestone-2, < 16.10.7 CVE
CRITICAL 9.3 CVE-2025-55748

XWiki Platform’s configuration files can be accessed through jsx and sx endpoints_CVE-2025-55748

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In versions 4.2-milestone-2 through 16.10....

xwiki xwiki-platform >= 4.2-milestone-2, < 16.10.7 CVE
CRITICAL 9 CVE-2025-53690

Sitecore Products ViewState Deserialization Vulnerability_CVE-2025-53690

Deserialization of Untrusted Data vulnerability in Sitecore Experience Manager (XM), Sitecore Experience Platform (XP) allows Code Injection. This i...

Sitecore Experience Manager (XM) CVE
CRITICAL 9.4 CVE-2025-56752

CVE-2025-56752_CVE-2025-56752

A vulnerability in the Ruijie RG-ES series switch firmware ESW_1.0(1)B1P39 enables remote attackers to fully bypass authentication mechanisms, prov...

n/a n/a n/a CVE
CRITICAL 9.8 CVE-2025-26210

CVE-2025-26210_CVE-2025-26210

A Cross-Site Scripting (XSS) vulnerability in DeepSeek R1 through V3.1 allows a remote attacker to execute arbitrary code via unspecified input fi...

n/a n/a n/a CVE
CRITICAL 9.8 CVE-2025-53693

HTML Cache Poisoning through Unsafe Reflections_CVE-2025-53693

Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') vulnerability in Sitecore Sitecore Experience Manager (XM), Site...

Sitecore Sitecore Experience Manager (XM) 9.0 CVE
CRITICAL 9.8 E0379C84-1468-

Exploit for Unrestricted Upload of File with Dangerous Type in Najeebmedia Frontend_File_Manager_E0379C84-1468-50D1-9890-E1A96381C2E7

CVE-2016-15042 – WordPress Frontend File Manager...

N/A N/A GITHUBEXPLOIT
CRITICAL 9.8 0FD3C014-2EE8-

Exploit for Unrestricted Upload of File with Dangerous Type in Codedropz Drag_And_Drop_Multiple_File_Upload_-_Contact_Form_7_0FD3C014-2EE8-5DD2-B928-59EAC913D0F1

CVE-2025-3515 WordPress Lab (Drag and Drop Multiple File...

N/A N/A GITHUBEXPLOIT
CRITICAL 9.8 F25246E4-EC55-

Exploit for CVE-2025-12654_F25246E4-EC55-5EEB-859A-1601E339C30F

AnyDesk Exploit AnyDesk, remote access software, has faced security concerns...

N/A N/A GITHUBEXPLOIT