{"vulnerability": "CVE-2023-2881", "sightings": [{"uuid": "25e03622-2bdf-4a3f-9a9f-25f3aba8759a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28815", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/115389765944283292", "content": "", "creation_timestamp": "2025-10-17T13:34:59.532358Z"}, {"uuid": "f7b21cd5-a42d-43bb-81f3-068572e2baa2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28819", "type": "seen", "source": "https://t.me/cibsecurity/63068", "content": "\u203c CVE-2023-28819 \u203c\n\nConcrete CMS (previously concrete5) before 9.1 is vulnerable to Stored XSS in uploaded file and folder names.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-28T18:27:33.000000Z"}, {"uuid": "103f3697-e30a-4706-86ae-84eb6a908143", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28810", "type": "seen", "source": "https://t.me/cibsecurity/65285", "content": "\u203c CVE-2023-28810 \u203c\n\nSome access control/intercom products have unauthorized modification of device network configuration vulnerabilities. Attackers can modify device network configuration by sending specific data packets to the vulnerable interface within the same local network.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-06-16T02:21:52.000000Z"}, {"uuid": "95c81d5a-046e-48aa-ba7c-588daccd2235", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28818", "type": "seen", "source": "https://t.me/cibsecurity/60641", "content": "\u203c CVE-2023-28818 \u203c\n\nAn issue was discovered in Veritas NetBackup IT Analytics 11 before 11.2.0. The application upgrade process included unsigned files that could be exploited and result in a customer installing unauthentic components. A malicious actor could install rogue Collector executable files (aptare.jar or upgrademanager.zip) on the Portal server, which might then be downloaded and installed on collectors.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-24T10:41:09.000000Z"}]}