13 matches found
CVE-2021-28114
Froala WYSIWYG Editor 3.2.6-1 is affected by XSS due to a namespace confusion during parsing...
CVE-2022-28114
DSCMS v3.0 was discovered to contain an arbitrary file deletion vulnerability via /controller/Adv.php...
CVE-2024-28114
creationtimestamp | type | source
---|---|---
2024-03-12 21:22:10+00:00 | seen | https://t.me/ctinow/206164
2024-03-12 21:26:42+00:00 | seen | https://t.me/ctinow/206176...
CVE-2024-28114
CVE-2024-28114 affects Peering Manager (BGP session management) with a Server-Side Template Injection that enables Remote Code Execution in versions
CVE-2024-28114 Remote Code Execution using Server Side Template Injection in Peering Manager
Peering Manager is a BGP session management tool. There is a Server Side Template Injection vulnerability that leads to Remote Code Execution in Peering Manager <=1.8.2. As a result arbitrary commands can be executed on the operating system that is running Peering Manager. This issue has been...
CVE-2023-28114 `cilium-cli` disables etcd authorization for clustermesh clusters
cilium-cli is the command line interface to install, manage, and troubleshoot Kubernetes clusters running Cilium. Prior to version 0.13.2, cilium-cli, when used to configure cluster mesh functionality, can remove the enforcement of user permissions on the etcd store used to mirror local cluster...
CVE-2023-28114
CVE-2023-28114 affects the cilium-cli tool (pre-0.13.2). An incorrect mount point specification can cause the initContainer configuration that manages etcd users/permissions to be overwritten when configuring a clustermesh, potentially removing authorization enforcement on the etcd store used for...
CVE-2022-28114
creationtimestamp | type | source
---|---|---
2022-04-28 18:24:26+00:00 | seen | https://t.me/cibsecurity/41581...
CVE-2022-28114
CVE-2022-28114 affects DSCMS v3.0, where an arbitrary file deletion vulnerability is triggered via the endpoint /controller/Adv.php. The available connected sources confirm the issue exists in DSCMS v3.0 and describe the impact as arbitrary file deletion. No specific exploit details, affected fil...
CVE-2021-28114
CVE-2021-28114 affects Froala WYSIWYG Editor 3.2.6-1 with an XSS flaw caused by a namespace confusion during parsing. Red Hat, CNVD, OSV, and others report the issue and, in CNVD, an attacker could obtain an administrator cookie. The initial entry provides the vulnerability description and CVSS m...
CVE-2021-28114
creationtimestamp | type | source
---|---|---
2021-06-03 07:38:04+00:00 | seen | https://t.me/cKure/5762
2021-07-16 16:28:07+00:00 | seen | https://t.me/cibsecurity/26215...
Buffer Overflow Vulnerability in Multiple NETGEAR Products (CNVD-2020-28114)
NETGEAR R9000 and others are products of NETGEAR USA. NETGEAR R9000 is a wireless router. NETGEAR R7800 is a wireless router. NETGEAR D6100 is a wireless modem. A buffer overflow vulnerability exists in multiple NETGEAR products that originates when a networked system or product performs an operatio...