packetstorm - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 5.4	PACKETSTORM:220374	📄 FacturaScripts 2025.43 Cross Site Scripting_PACKETSTORM:220374 FacturaScripts 2025.43 suffers from a persistent cross site scripting vulnerability in the product file upload functionality...	N/A	N/A	May 5, 2026	PACKETSTORM
CRITICAL 9.8	PACKETSTORM:220249	📄 cPanel Authentication Manipulation / Session Injection_PACKETSTORM:220249 This Python script attempts to an authentication bypass against a cPanel login endpoint by crafting a modified login request and manipulating sessi...	N/A	N/A	May 4, 2026	PACKETSTORM
HIGH 8.7	PACKETSTORM:220281	📄 UltimatePOS 4.8 Cross Site Scripting_PACKETSTORM:220281 The administrative panel in UltimatePOS version 4.8 suffers from a persistent cross site scripting vulnerability...	N/A	N/A	May 4, 2026	PACKETSTORM
NONE	PACKETSTORM:220054	📄 School Management System PHP 1.0.0 Cross Site Scripting_PACKETSTORM:220054 School Management System PHP version 1.0.0 suffers from a persistent cross site scripting vulnerability that can lead to administrative account tak...	N/A	N/A	Apr 29, 2026	PACKETSTORM
NONE	PACKETSTORM:220076	📄 Pizzafy Ecommerce System 1.0 SQL Injection_PACKETSTORM:220076 The admin/vieworder.php endpoint in Pizzafy Ecommerce System version 1.0 fails to properly sanitize the id GET parameter before passing it to a MyS...	N/A	N/A	Apr 29, 2026	PACKETSTORM
NONE	PACKETSTORM:220040	📄 OpenNebula 6.10.0.1 Cross Site Scripting_PACKETSTORM:220040 OpenNebula version 6.10.0.1 suffers from multiple persistent cross site scripting vulnerabilities...	N/A	N/A	Apr 29, 2026	PACKETSTORM
NONE	PACKETSTORM:220045	📄 ESP-RFID-Tool V2 PRO Traversal / XSS / Bypass / Enumeration_PACKETSTORM:220045 ESP-RFID-Tool V2 PRO suffers from bypass, cross site request forgery, cross site scripting, information leakage, path traversal, and multiple other...	N/A	N/A	Apr 29, 2026	PACKETSTORM
MEDIUM 5.1	PACKETSTORM:220047	📄 Coaching Management System 1.0 Cross Site Scripting_PACKETSTORM:220047 Coaching Management System version 1.0 suffers from a persistent cross site scripting vulnerability...	N/A	N/A	Apr 29, 2026	PACKETSTORM
NONE	PACKETSTORM:220075	📄 Pizzafy Ecommerce System 1.0 Shell Upload_PACKETSTORM:220075 The savemenu function in Pizzafy Ecommerce System version 1.0 handles image uploads for menu items without performing any file type validation. The...	N/A	N/A	Apr 29, 2026	PACKETSTORM
MEDIUM 5.5	PACKETSTORM:219933	📄 Microsoft Windows TBroker Registry Symlink Information Disclosure_PACKETSTORM:219933 This code demonstrates a proof of concept attack targeting Windows ATBroker Assistive Technology Broker to achieve sensitive information disclosure...	N/A	N/A	Apr 28, 2026	PACKETSTORM