MantisBT 2.28.x < 2.28.2 Timeline Tag Name XSS (GHSA-73vx-49mv-v8w5)

The version of MantisBT installed on the remote host is 2.28.x prior to 2.28.2. It is, therefore, affected by a vulnerability: - A cross-site scripting XSS vulnerability exists in the Timeline view myviewpage.php due to improper escaping of tag names retrieved from History. An attacker can inject...

CVE-2026-33548

creationtimestamp| type| source ---|---|--- 2026-03-23 19:16:27+00:00| seen| https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2026-33548 2026-03-23 22:51:59+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mhr5kxoo672p...

EUVD-2022-33548

Malicious code in bioql PyPI...

MAL-2025-33548 Malicious code in snipsnip (npm)

The package snipsnip was found to contain malicious code...

CVE-2023-33548

creationtimestamp| type| source ---|---|--- 2025-03-26 20:25:42+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/8955...

CVE-2024-33548

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in AA-Team WZone allows Reflected XSS.This issue affects WZone: from n/a through 14.0.10...

CVE-2023-33548

CVE-2023-33548 affects ASUS RT-AC51U firmware up to 3.0.0.4.380.8591. The vulnerability is described as a Cross Site Scripting (XSS) flaw that allows an attacker to run arbitrary code via the WPA Pre-Shared Key field. Key details from connected documents indicate the CVSS v3.1 base score is 6.8 (...

CVE-2024-33548

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in AA-Team WZone allows Reflected XSS.This issue affects WZone: from n/a through 14.0.10...

CVE-2024-33548 WordPress WZone plugin <= 14.0.10 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in AA-Team WZone allows Reflected XSS.This issue affects WZone: from n/a through 14.0.10...

WordPress WZone Plugin <= 14.0.33 is vulnerable to Cross Site Scripting (XSS)

Software WZone Type Plugin Vulnerable versions = 14.0.33 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-33548 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 056b1a28280e Credits Rafie Muhammad Patchstack Required privile...

VulnCheck KEV: CVE-2021-33548

Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to command injection, which may allow an attacker to remotely execute arbitrary code...

CVE-2021-33548 UDP Technology/Geutebrück camera devices: Command injection in preserve parameter leading to RCE

Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to command injection, which may allow an attacker to remotely execute arbitrary code...

CVE-2021-33548

CVE-2021-33548 affects Geutebrück UDP Technology firmware used in Geutebrück G-Cam E2xx and G-Code EEC-2xx devices (and related EBC/EFD/ETHC/EWPC/EEN series). The issue is a command-injection vulnerability in multiple camera devices that can be triggered via crafted input, enabling remote code ex...

Geutebruck Remote Command Execution Exploit

This Metasploit module bypasses the HTTP basic authentication used to access the /uapi-cgi/ folder and exploits multiple authenticated arbitrary command execution vulnerabilities within the parameters of various pages on Geutebruck G-Cam EEC-2xxx and G-Code EBC-21xx, EFD-22xx, ETHC-22xx, and...

CVE-2021-33548

creationtimestamp| type| source ---|---|--- 2021-09-01 16:09:21+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/geutebruckcmdinjectcve2021335xx.rb 2025-02-06 03:13:45+00:00| seen| MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd 2025-02-23...