packetstorm - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 6.5	PACKETSTORM:220369	📄 phpMyFAQ 4.0.16 Improper Authorization_PACKETSTORM:220369 phpMyFAQ versions 4.0.16 and below suffer from an improper authorization vulnerability...	N/A	N/A	May 5, 2026	PACKETSTORM
CRITICAL 10	PACKETSTORM:220378	📄 Craft CMS 5.6.16 Remote Code Execution_PACKETSTORM:220378 Craft CMS version 5.6.16 remote code execution exploit...	N/A	N/A	May 5, 2026	PACKETSTORM
NONE	PACKETSTORM:220377	📄 OpenWrt 23.05 Remote Code Execution_PACKETSTORM:220377 OpenWrt version 23.05 suffers from an authenticated remote code execution vulnerability...	N/A	N/A	May 5, 2026	PACKETSTORM
CRITICAL 10	PACKETSTORM:220373	📄 Erugo 0.2.14 Remote Code Execution_PACKETSTORM:220373 Erugo versions 0.2.14 suffer from an authenticated remote code execution vulnerability...	N/A	N/A	May 5, 2026	PACKETSTORM
HIGH 7.2	PACKETSTORM:220365	📄 Xibo CMS SSTI / Remote Code Execution_PACKETSTORM:220365 Xibo CMS versions prior to 4.3.1 suffer from an authenticated remote code execution vulnerability via server-side template injection...	N/A	N/A	May 5, 2026	PACKETSTORM
CRITICAL 9.8	PACKETSTORM:220370	📄 GNU InetUtils telnetd Remote Privilege Escalation_PACKETSTORM:220370 GNU InetUtils versions 2.0 through 2.6 telnetd remote privilege escalation proof of concept exploit...	N/A	N/A	May 5, 2026	PACKETSTORM
MEDIUM 5.4	PACKETSTORM:220374	📄 FacturaScripts 2025.43 Cross Site Scripting_PACKETSTORM:220374 FacturaScripts 2025.43 suffers from a persistent cross site scripting vulnerability in the product file upload functionality...	N/A	N/A	May 5, 2026	PACKETSTORM
CRITICAL 9.8	PACKETSTORM:220249	📄 cPanel Authentication Manipulation / Session Injection_PACKETSTORM:220249 This Python script attempts to an authentication bypass against a cPanel login endpoint by crafting a modified login request and manipulating sessi...	N/A	N/A	May 4, 2026	PACKETSTORM
HIGH 8.7	PACKETSTORM:220281	📄 UltimatePOS 4.8 Cross Site Scripting_PACKETSTORM:220281 The administrative panel in UltimatePOS version 4.8 suffers from a persistent cross site scripting vulnerability...	N/A	N/A	May 4, 2026	PACKETSTORM
NONE	PACKETSTORM:220054	📄 School Management System PHP 1.0.0 Cross Site Scripting_PACKETSTORM:220054 School Management System PHP version 1.0.0 suffers from a persistent cross site scripting vulnerability that can lead to administrative account tak...	N/A	N/A	Apr 29, 2026	PACKETSTORM