CVE-2025-28354

creationtimestamp| type| source ---|---|--- 2025-04-25 17:07:49+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/13469 2025-04-25 17:30:46+00:00| seen| https://t.me/cvedetector/23754...

CVE-2025-28354

An issue in the Printer Manager Systm of Entrust Corp Printer Manager D3.18.4-3 and below allows attackers to execute a directory traversal via a crafted POST request...

CVE-2025-28354

The CVE-2025-28354 entry concerns Entrust Corp Printer Manager (versions D3.18.4-3 and earlier). The issue is a directory traversal vulnerability exploitable via a crafted POST request, as described in multiple sources. Impact details in the connected documents indicate a potential exposure of re...

CVE-2023-28354

An issue was discovered in Opsview Monitor Agent 6.8. An unauthenticated remote attacker can call checknrpe against affected targets, specifying known NRPE plugins, which in default installations are configured to accept command control characters and pass them to command-line interpreters for NR...

CVE-2023-28354

creationtimestamp| type| source ---|---|--- 2025-01-09 21:56:15+00:00| seen| https://infosec.exchange/users/cve/statuses/113800627809173522 2025-01-09 22:15:35+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/1096 2025-01-09 22:15:41+00:00| seen|...

CVE-2023-28354

An issue was discovered in Opsview Monitor Agent 6.8. An unauthenticated remote attacker can call checknrpe against affected targets, specifying known NRPE plugins, which in default installations are configured to accept command control characters and pass them to command-line interpreters for NR...

CVE-2023-28354

An issue in Opsview Monitor Agent 6.8 allows an unauthenticated remote attacker to call NRPE via check_nrpe and escape NRPE plugin execution by sending command control characters, enabling remote execution of commands on the target as NT_AUTHORITY\SYSTEM. This is documented in multiple sources (N...

CVE-2023-28354

An issue was discovered in Opsview Monitor Agent 6.8. An unauthenticated remote attacker can call checknrpe against affected targets, specifying known NRPE plugins, which in default installations are configured to accept command control characters and pass them to command-line interpreters for NR...

CVE-2024-28354

creationtimestamp| type| source ---|---|--- 2024-03-15 09:21:33+00:00| seen| https://t.me/ctinow/208537 2024-03-15 09:26:45+00:00| seen| https://t.me/ctinow/208542 2024-03-19 23:15:48+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/10182...

CVE-2024-28354

There is a command injection vulnerability in the TRENDnet TEW-827DRU router with firmware version 2.10B01. An attacker can inject commands into the post request parameters usapps.@smb%d.username in the apply.cgi interface, thereby gaining root shell privileges...

CVE-2024-28354

There is a command injection vulnerability in the TRENDnet TEW-827DRU router with firmware version 2.10B01. An attacker can inject commands into the post request parameters usapps.@smb%d.username in the apply.cgi interface, thereby gaining root shell privileges...

CVE-2022-28354

creationtimestamp| type| source ---|---|--- 2023-04-25 00:19:41+00:00| seen| https://t.me/cibsecurity/62775...

CVE-2022-28354

In the Active Threads Plugin 1.3.0 for MyBB, the activethreads.php date parameter is vulnerable to XSS when setting a time period...

CVE-2022-28354

In the Active Threads Plugin 1.3.0 for MyBB, the activethreads.php date parameter is vulnerable to XSS when setting a time period...

CVE-2022-28354

CVE-2022-28354 affects the MyBB Active Threads Plugin 1.3.0 and its activethreads.php date parameter, which is vulnerable to cross-site scripting (XSS) when setting a time period. The vulnerability details indicate an XSS flaw in the parameter handling, with CVSSv3.1 base score 6.1 (MEDIUM): Netw...

MyBB Active Threads 1.3.0 Cross Site Scripting

Exploit Title: MyBB Active Threads Plugin 1.3.0 – Cross-Site Scripting Date: February 9, 2022 Author: 0xB9 Twitter: @0xB9sec Software Link: https://community.mybb.com/mods.php?action=view&pid=1336 Version: 1.3.0 Tested On: Windows 10 CVE: CVE-2022-28354 Description: This plugin shows a page of...

CVE-2021-28354

Remote Procedure Call Runtime Remote Code Execution Vulnerability...

CVE-2021-28354

Technical details for CVE-2021-28354 are not provided in the connected documents. Please monitor for updates from trustworthy sources.

KLA12142 Multiple vulnerabilities in Microsoft Products (ESU)

Multiple vulnerabilities were found in Microsoft Products Extended Support Update. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, cause denial of service, gain privileges, bypass security restrictions, spoof user interface. Below is a...

KB5001347: Windows 10 version 1607 / Windows Server 2016 Security Update (Apr 2021)

The remote Windows host is missing security updates. It is, therefore, affected by multiple vulnerabilities: - Win32k Elevation of Privilege Vulnerability CVE-2021-27072 - Windows Media Photo Codec Information Disclosure Vulnerability CVE-2021-27079 - Microsoft Internet Messaging API Remote Code...