Recent Advisories

Severity ID Title Vendor Product Date Type
MEDIUM 5.3 PACKETSTORM:212771

Drupal 11.x-dev Information Disclosure

Proof of concept script demonstrating a full path disclosure issue in Drupal version 11.x-dev...

N/A N/A PACKETSTORM
CRITICAL 9.6 PACKETSTORM:212777

Grav CMS Twig SSTI Authenticated Sandbox Bypass Remote Code Execution

This Metasploit module exploits a Server-Side Template Injection (SSTI) vulnerability (CVE-2025-66294) in Grav CMS that allows bypassing the Twig sandb...

N/A N/A PACKETSTORM
NONE PACKETSTORM:212775

FlatPress 1.3 Shell Upload

FlatPress version 1.3 remote shell upload proof of concept exploit that leverages a cross-site request forgery vulnerability...

N/A N/A PACKETSTORM
HIGH 7.2 PACKETSTORM:212773

Elementor Website Builder SQL Injection

Proof of concept exploit that demonstrates a remote SQL injection vulnerability in Elementor Website Builder versions prior to 3.12.2...

N/A N/A PACKETSTORM
CRITICAL 9.1 PACKETSTORM:212729

Magento SessionReaper Remote Code Execution

This Metasploit module exploits CVE-2025-54236 (SessionReaper), a critical vulnerability in Magento/Adobe Commerce that allows unauthenticated remote...

N/A N/A PACKETSTORM
MEDIUM 6.5 PACKETSTORM:212722

Casdoor 2.95.0 Directory Traversal

Casdoor version 2.95.0 directory traversal proof of concept exploit...

N/A N/A PACKETSTORM
HIGH 10 PACKETSTORM:212721

Broadcom Wi-Fi Firmware Out-Of-Bounds Write

Broadcom Wi-Fi firmware remote code execution exploit via an out-of-bounds write in the RRM Neighbor Report Handler...

N/A N/A PACKETSTORM
CRITICAL 9.8 PACKETSTORM:212728

WordPress King Addons for Elementor Privilege Escalation / Remote Code Execution

This Metasploit module exploits an unauthenticated privilege escalation vulnerability in the WordPress King Addons for Elementor plugin versions 24...

N/A N/A PACKETSTORM
CRITICAL 10 PACKETSTORM:212724

Cisco ISE API 3.1 Command Injection

Proof of concept exploit for a command injection vulnerability in Cisco ISE API version 3.1...

N/A N/A PACKETSTORM
CRITICAL 10 PACKETSTORM:212727

Flowise 3.0.6 JS Parsing Injection

A JavaScript parsing injection vulnerability exists in Flowise versions prior to 3.0.6 and greater than 2.2.7-patch.1...

N/A N/A PACKETSTORM