{"vulnerability": "CVE-2025-2596", "sightings": [{"uuid": "91d37a1c-48d0-4333-826a-a899d3f4c99a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25967", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ljit7avpne22", "content": "", "creation_timestamp": "2025-03-03T20:49:27.280420Z"}, {"uuid": "9731294e-0900-42f5-bf81-c1d22ca107fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2596", "type": "seen", "source": "MISP/f2f93f16-9318-44b1-9be3-2d3346ca540c", "content": "", "creation_timestamp": "2025-08-10T18:27:45.000000Z"}, {"uuid": "e5bd5bbf-52a3-4078-b5d6-dbdb717b0e53", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25960", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3linm6m6mko27", "content": "", "creation_timestamp": "2025-02-21T01:01:53.297969Z"}, {"uuid": "df3f9888-45ab-4f74-9a06-957a624724f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2596", "type": "seen", "source": "MISP/f2f93f16-9318-44b1-9be3-2d3346ca540c", "content": "", "creation_timestamp": "2025-09-10T07:48:01.000000Z"}, {"uuid": "59793440-5307-4b6e-a627-e21bcc7c3949", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25964", "type": "seen", "source": "MISP/71f05cce-2beb-4b80-8496-bbbabc032544", "content": "", "creation_timestamp": "2025-08-25T18:31:44.000000Z"}, {"uuid": "8b09f748-fcc5-466e-bcaa-3ce407725492", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25967", "type": "seen", "source": "https://t.me/cvedetector/19396", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-25967 - Acora CMS CSRF Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-25967 \nPublished : March 3, 2025, 7:15 p.m. | 1\u00a0hour, 6\u00a0minutes ago \nDescription : Acora CMS version 10.1.1 is vulnerable to Cross-Site Request Forgery (CSRF). This flaw enables attackers to trick authenticated users into performing unauthorized actions, such as account deletion or user creation, by embedding malicious requests in external content. The lack of CSRF protections allows exploitation via crafted requests. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"03 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-03T21:24:34.000000Z"}, {"uuid": "9452e557-d2c3-45a3-942c-4023863bed85", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25964", "type": "published-proof-of-concept", "source": "Telegram/01uiN9EgivkKxd6NbVHaT5JBriknOXStz8AUkJ_gyZbdyjk", "content": "", "creation_timestamp": "2025-02-15T22:00:05.000000Z"}, {"uuid": "76f3ed41-fb0e-413f-abea-e68b3d17caab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25968", "type": "seen", "source": "https://t.me/cvedetector/18585", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-25968 - DDSN Interactive cm3 Acora CMS Information Disclosure and Privilege Escalation Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-25968 \nPublished : Feb. 20, 2025, 6:15 p.m. | 1\u00a0hour, 21\u00a0minutes ago \nDescription : DDSN Interactive cm3 Acora CMS version 10.1.1 contains an improper access control vulnerability. An editor-privileged user can access sensitive information, such as system administrator credentials, by force browsing the endpoint and exploiting the 'file' parameter. By referencing specific files (e.g., cm3.xml), attackers can bypass access controls, leading to account takeover and potential privilege escalation. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-20T20:41:18.000000Z"}, {"uuid": "9ed2f4e5-9b3c-4625-960d-6ef7fd0b5762", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25965", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/13576", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aA critical SQL Injection vulnerability (CVE-2025-25964) discovered in the School Information Management System v1.0\nURL\uff1ahttps://github.com/Sudo-Sakib/CVE-2025-25965\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-02-15T16:04:26.000000Z"}, {"uuid": "ce60d49e-dbba-4880-8d79-a82033ab2413", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25964", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/13576", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aA critical SQL Injection vulnerability (CVE-2025-25964) discovered in the School Information Management System v1.0\nURL\uff1ahttps://github.com/Sudo-Sakib/CVE-2025-25965\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-02-15T16:04:26.000000Z"}, {"uuid": "d20f971d-5831-4b52-80bf-50a1357d08cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25964", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/13571", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aA critical SQL Injection vulnerability (CVE-2025-25964) discovered in the School Information Management System v1.0\nURL\uff1ahttps://github.com/Sudo-Sakib/CVE-2025-25964\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-02-15T15:27:24.000000Z"}, {"uuid": "0b1ad4b0-89ab-49fd-ad5a-793c16e15708", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25960", "type": "seen", "source": "https://t.me/cvedetector/18619", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-25960 - PhpCms Cross Site Scripting (XSS)\", \n  \"Content\": \"CVE ID : CVE-2025-25960 \nPublished : Feb. 20, 2025, 10:15 p.m. | 1\u00a0hour, 26\u00a0minutes ago \nDescription : Cross Site Scripting vulnerability in phpcmsv9 v.9.6.3 allows a remote attacker to escalate privileges via the menu interface of the member center of the background administrator. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"21 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-21T00:57:39.000000Z"}, {"uuid": "b0c7ebb9-b7a9-42ea-9029-68809980673d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25960", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/4821", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-25960\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Cross Site Scripting vulnerability in phpcmsv9 v.9.6.3 allows a remote attacker to escalate privileges via the menu interface of the member center of the background administrator.\n\ud83d\udccf Published: 2025-02-20T00:00:00.000Z\n\ud83d\udccf Modified: 2025-02-20T22:10:42.902Z\n\ud83d\udd17 References:\n1. https://github.com/Abel-Lan/phpcms/issues/2", "creation_timestamp": "2025-02-20T22:17:42.000000Z"}, {"uuid": "a31a6b9b-2f1f-478d-bd79-a3ef3ba19346", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25962", "type": "seen", "source": "https://t.me/cvedetector/24026", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-25962 - Uniswap Coresmartcontracts Privilege Escalation\", \n  \"Content\": \"CVE ID : CVE-2025-25962 \nPublished : April 29, 2025, 4:15 p.m. | 30\u00a0minutes ago \nDescription : An issue in Coresmartcontracts Uniswap v.3.0 and fixed in v.4.0 allows a remote attacker to escalate privileges via the _modifyPosition function \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"29 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-29T19:20:44.000000Z"}, {"uuid": "78c43e44-7a01-4ab2-b718-7b923cd6aff4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2596", "type": "seen", "source": "https://t.me/cvedetector/21174", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-2596 - Checkmk GmbH Checkmk Session Logout Overwrite Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-2596 \nPublished : March 26, 2025, 11:15 a.m. | 1\u00a0hour, 26\u00a0minutes ago \nDescription : Session logout could be overwritten in Checkmk GmbH's Checkmk versions <2.3.0p30,<2.2.0p41,\nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"26 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-26T13:53:25.000000Z"}, {"uuid": "e5ddc0ee-cb53-452f-9d83-89732789a98d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25965", "type": "published-proof-of-concept", "source": "Telegram/01uiN9EgivkKxd6NbVHaT5JBriknOXStz8AUkJ_gyZbdyjk", "content": "", "creation_timestamp": "2025-02-15T22:00:05.000000Z"}, {"uuid": "9860b265-e6db-42bb-bed4-d51acc0c1acd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25964", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/4258", "content": "#GitHub #Tools \n\nA critical SQL Injection vulnerability (CVE-2025-25964) discovered in the School Information Management System v1.0\n\nhttps://github.com/Sudo-Sakib/CVE-2025-25964\n\nThe AWS exploitation framework, designed for testing the security of Amazon Web Services environments.\n\nhttps://github.com/RhinoSecurityLabs/pacu\n\nPalo Alto Networks PAN-OS \u8eab\u4efd\u9a8c\u8bc1\u7ed5\u8fc7\u6f0f\u6d1e\u6279\u91cf\u68c0\u6d4b\u811a\u672c(CVE-2025-0108)\n\nhttps://github.com/iSee857/CVE-2025-0108-PoC\n\n#HackersFactory", "creation_timestamp": "2025-03-30T04:46:04.000000Z"}, {"uuid": "3fc7bf71-1f93-4773-b6ad-c19003a3599f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25964", "type": "published-proof-of-concept", "source": "https://t.me/haj3imad/912", "content": "https://github.com/Sudo-Sakib/CVE-2025-25964\n\nA critical SQL Injection vulnerability (CVE-2025-25964) discovered in the School Information Management System v1.0\n#github #poc", "creation_timestamp": "2025-02-19T05:21:41.000000Z"}]}