Recent Advisories

Severity ID Title Vendor Product Date Type
CRITICAL 10 PACKETSTORM:215074

📄 WordPress TNC Toolbox 1.4.2 Information Disclosure_PACKETSTORM:215074

WordPress TNC Toolbox plugin versions 1.4.2 and below sensitive information disclosure proof of concept exploit...

N/A N/A PACKETSTORM
CRITICAL 9.8 PACKETSTORM:215053

📄 Xiongmai XM530 ONVIF / RTSP Security Scanner_PACKETSTORM:215053

This project is a unified PHP-based security scanner designed to identify critical vulnerabilities in IP cameras, with a primary focus on ONVIF aut...

N/A N/A PACKETSTORM
CRITICAL 9.8 PACKETSTORM:215049

📄 XWiki 16.4.0 Remote Code Execution_PACKETSTORM:215049

Proof of concept exploit for a critical template injection vulnerability in XWiki Platform that allows unauthenticated remote code execution. The v...

N/A N/A PACKETSTORM
CRITICAL 9.8 PACKETSTORM:215060

📄 WordPress Wux Blog Editor 3.0.0 Vulnerability Scanner_PACKETSTORM:215060

This Metasploit auxiliary module scans WordPress sites for the External Post Editor plugin and checks for the unauthenticated file upload vulnerabi...

N/A N/A PACKETSTORM
NONE PACKETSTORM:215061

📄 WordPress WP Rocket 2.10.3 LFI Vulnerability Scanner_PACKETSTORM:215061

WordPress WP Rocket plugin versions prior to 2.10.4 local file inclusion vulnerability scanning tool...

N/A N/A PACKETSTORM
CRITICAL 9.3 PACKETSTORM:215056

📄 Xhibiter NFT Marketplace 1.10.2 SQL Injection_PACKETSTORM:215056

Xhibiter NFT Marketplace versions 1.10.2 and below suffer from a time-based remote blind SQL injection vulnerability in the id parameter of the /co...

N/A N/A PACKETSTORM
MEDIUM 6.5 PACKETSTORM:214963

📄 Casdoor 2.284.0 / 2.285.0 Cross Site Request Forgery_PACKETSTORM:214963

Casdoor versions 2.284.0 and 2.285.0 suffer a cross site request forgery vulnerability that was originally discovered in an earlier version but has...

N/A N/A PACKETSTORM
HIGH 8.8 PACKETSTORM:215042

📄 OctoPrint 1.11.2 Remote Code Execution_PACKETSTORM:215042

OctoPrint versions 1.11.2 and below suffer from a remote code execution vulnerability via a malformed filename being used in an authenticated file ...

N/A N/A PACKETSTORM
HIGH 7.5 PACKETSTORM:215038

📄 aiohttp 3.9.1 Directory Traversal_PACKETSTORM:215038

Proof of concept exploit for a directory traversal vulnerability in aiohttp version 3.9.1...

N/A N/A PACKETSTORM
MEDIUM 6.5 PACKETSTORM:215040

📄 Microsoft Windows 10 / 11 NTLM Hash Disclosure Spoofing_PACKETSTORM:215040

Microsoft Windows 10 / 11 proof of concept exploit that generates a .library-ms XML file pointing to a network share UNC. When opened/imported on W...

N/A N/A PACKETSTORM