{"vulnerability": "cve-2023-2835", "sightings": [{"uuid": "ab0d1425-ec53-4864-868e-63387bcef7dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28354", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/113805551193923999", "content": "", "creation_timestamp": "2025-01-10T18:48:20.578136Z"}, {"uuid": "93a32a92-6c88-4fec-a2d5-985f708c7b66", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28354", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113800627809173522", "content": "", "creation_timestamp": "2025-01-09T21:56:15.377627Z"}, {"uuid": "2bb92585-8db0-49de-b39d-9372aa81dedd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28354", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfdpcsak6l22", "content": "", "creation_timestamp": "2025-01-09T22:15:41.276862Z"}, {"uuid": "7fde97eb-3998-49ac-9dc5-eb5e3921518e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28354", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lfdqvcybms2y", "content": "", "creation_timestamp": "2025-01-09T22:43:57.474536Z"}, {"uuid": "bb865cd7-21fc-40c4-89b7-2f115d40f16c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28351", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/1400", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-28351\n\ud83d\udd39 Description: An issue was discovered in Faronics Insight 10.0.19045 on Windows. Every keystroke made by any user on a computer with the Student application installed is logged to a world-readable directory. A local attacker can trivially extract these cleartext keystrokes, potentially enabling them to obtain PII and/or to compromise personal accounts owned by the victim.\n\ud83d\udccf Published: 2023-05-30T00:00:00\n\ud83d\udccf Modified: 2025-01-13T20:38:48.476Z\n\ud83d\udd17 References:\n1. https://research.nccgroup.com/?research=Technical%20advisories\n2. https://research.nccgroup.com/2023/05/30/technical-advisory-multiple-vulnerabilities-in-faronics-insight/", "creation_timestamp": "2025-01-13T21:12:24.000000Z"}, {"uuid": "251b605c-5c3b-4f18-8ce1-a836d7332f2b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28354", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/1096", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-28354\n\ud83d\udd39 Description: An issue was discovered in Opsview Monitor Agent 6.8. An unauthenticated remote attacker can call check_nrpe against affected targets, specifying known NRPE plugins, which in default installations are configured to accept command control characters and pass them to command-line interpreters for NRPE plugin execution. This allows the attacker to escape NRPE plugin execution and execute commands remotely on the target as NT_AUTHORITY\\SYSTEM.\n\ud83d\udccf Published: 2025-01-09T00:00:00\n\ud83d\udccf Modified: 2025-01-09T21:53:59.302079\n\ud83d\udd17 References:\n1. https://github.com/stormfleet/CVE-2023-28354/blob/main/README.md", "creation_timestamp": "2025-01-09T22:15:35.000000Z"}, {"uuid": "088d4de3-14e8-4038-9271-5bd919d366a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28350", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/1395", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-28350\n\ud83d\udd39 Description: An issue was discovered in Faronics Insight 10.0.19045 on Windows. Attacker-supplied input is not validated/sanitized before being rendered in both the Teacher and Student Console applications, enabling an attacker to execute JavaScript in these applications. Due to the rich and highly privileged functionality offered by the Teacher Console, the ability to silently exploit Cross Site Scripting (XSS) on the Teacher Machine enables remote code execution on any connected student machine (and the teacher's machine).\n\ud83d\udccf Published: 2023-05-30T00:00:00\n\ud83d\udccf Modified: 2025-01-13T20:44:08.974Z\n\ud83d\udd17 References:\n1. https://research.nccgroup.com/?research=Technical%20advisories\n2. https://research.nccgroup.com/2023/05/30/technical-advisory-multiple-vulnerabilities-in-faronics-insight/", "creation_timestamp": "2025-01-13T21:12:08.000000Z"}, {"uuid": "35434e3c-1a3e-4161-93e2-04c30cebdf08", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28354", "type": "seen", "source": "https://t.me/cvedetector/14944", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2023-28354 - Opsview Monitor Agent Command Injection\", \n  \"Content\": \"CVE ID : CVE-2023-28354 \nPublished : Jan. 9, 2025, 10:15 p.m. | 19\u00a0minutes ago \nDescription : An issue was discovered in Opsview Monitor Agent 6.8. An unauthenticated remote attacker can call check_nrpe against affected targets, specifying known NRPE plugins, which in default installations are configured to accept command control characters and pass them to command-line interpreters for NRPE plugin execution. This allows the attacker to escape NRPE plugin execution and execute commands remotely on the target as NT_AUTHORITY\\SYSTEM. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-09T23:38:28.000000Z"}, {"uuid": "29b40f70-22e7-47d8-a823-78efd71bf49c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2835", "type": "seen", "source": "https://t.me/cibsecurity/64876", "content": "\u203c CVE-2023-2835 \u203c\n\nThe WP Directory Kit plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'search' parameter in versions up to, and including, 1.2.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-06-02T12:40:12.000000Z"}, {"uuid": "b0f25209-a1ab-449b-b894-df218a4921d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28359", "type": "seen", "source": "https://t.me/cibsecurity/63943", "content": "\u203c CVE-2023-28359 \u203c\n\nA NoSQL injection vulnerability has been identified in the listEmojiCustom method call within Rocket.Chat. This can be exploited by unauthenticated users when there is at least one custom emoji uploaded to the Rocket.Chat instance. The vulnerability causes a delay in the server response, with the potential for limited impact.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-12T02:26:40.000000Z"}, {"uuid": "fcf25bb6-f636-403a-b3a9-0b969cc837c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28358", "type": "seen", "source": "https://t.me/cibsecurity/63938", "content": "\u203c CVE-2023-28358 \u203c\n\nA vulnerability has been discovered in Rocket.Chat where a markdown parsing issue in the \"Search Messages\" feature allows the insertion of malicious tags. This can be exploited on servers with content security policy disabled possible leading to some issues attacks like account takeover.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-12T02:26:32.000000Z"}, {"uuid": "e4fa033c-f531-4b3b-b0f4-687d811f6a85", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28356", "type": "seen", "source": "https://t.me/cibsecurity/63936", "content": "\u203c CVE-2023-28356 \u203c\n\nA vulnerability has been identified where a maliciously crafted message containing a specific chain of characters can cause the chat to enter a hot loop on one of the processes, consuming ~120% CPU and rendering the service unresponsive.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-12T02:26:27.000000Z"}, {"uuid": "25eba579-4aba-401c-862e-f0e0e95d0c5d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28357", "type": "seen", "source": "https://t.me/cibsecurity/63934", "content": "\u203c CVE-2023-28357 \u203c\n\nA vulnerability has been identified in Rocket.Chat, where the ACL checks in the Slash Command /mute occur after checking whether a user is a member of a given channel, leaking private channel members to unauthorized users. This allows authenticated users to enumerate whether a username is a member of a channel that they do not have access to.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-12T02:26:25.000000Z"}]}