{"vulnerability": "CVE-2025-2726", "sightings": [{"uuid": "59645062-fe0e-4747-95e1-a75ad8963a04", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27268", "type": "seen", "source": "https://bsky.app/profile/vulnalerts.bsky.social/post/3ljkg3s4fwe2e", "content": "", "creation_timestamp": "2025-03-04T12:00:09.704024Z"}, {"uuid": "a8eaca12-dd09-4ad5-a10d-271c6de33ce8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27263", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114099285967211575", "content": "", "creation_timestamp": "2025-03-03T15:48:59.324774Z"}, {"uuid": "c3972396-7f08-45bb-8e27-3924078ee710", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27268", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114099286010046432", "content": "", "creation_timestamp": "2025-03-03T15:49:00.918672Z"}, {"uuid": "a2756f40-3746-4dfd-a0e3-96202a9e0381", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2726", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114221259319395925", "content": "", "creation_timestamp": "2025-03-25T04:48:23.055741Z"}, {"uuid": "6d505601-b7f4-482d-b076-b949d467935b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27263", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ljikjr4vn22o", "content": "", "creation_timestamp": "2025-03-03T18:14:11.465562Z"}, {"uuid": "b203d6ff-47de-4db3-a2b3-dfcb0f9fbfb5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27264", "type": "seen", "source": "MISP/e1f6260f-3311-441b-92ae-e04cd5eb5f72", "content": "", "creation_timestamp": "2025-08-19T13:26:45.000000Z"}, {"uuid": "88fe6caf-fd8d-487f-8f38-b032d3f34382", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27268", "type": "seen", "source": "https://bsky.app/profile/vulnalerts.bsky.social/post/3ljj5uflo4b23", "content": "", "creation_timestamp": "2025-03-04T00:00:12.094611Z"}, {"uuid": "4cc2d75d-b524-4941-939d-821fd9f2e65b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27263", "type": "seen", "source": "MISP/e1f6260f-3311-441b-92ae-e04cd5eb5f72", "content": "", "creation_timestamp": "2025-08-19T13:26:45.000000Z"}, {"uuid": "3b3746cd-0ed6-4161-8475-8aecbf985b73", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2726", "type": "seen", "source": "https://t.me/cvedetector/21027", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-2726 - H3C Magic Series HTTP POST Request Handler Command Injection\", \n  \"Content\": \"CVE ID : CVE-2025-2726 \nPublished : March 25, 2025, 3:15 a.m. | 23\u00a0minutes ago \nDescription : A vulnerability, which was classified as critical, has been found in H3C Magic NX15, Magic NX30 Pro, Magic NX400, Magic R3010 and Magic BE18000 up to V100R014. Affected by this issue is some unknown functionality of the file /api/esps of the component HTTP POST Request Handler. The manipulation leads to command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. \nSeverity: 8.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"25 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-25T05:16:32.000000Z"}, {"uuid": "51886417-76ab-44fd-8d65-5c6d26941839", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27260", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mhvcxe66cv2g", "content": "", "creation_timestamp": "2026-03-25T14:39:06.271693Z"}, {"uuid": "0c80b71f-d814-4f9e-8043-4243de836254", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2726", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/8580", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-2726\n\ud83d\udd25 CVSS Score: 8.7 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A vulnerability, which was classified as critical, has been found in H3C Magic NX15, Magic NX30 Pro, Magic NX400, Magic R3010 and Magic BE18000 up to V100R014. Affected by this issue is some unknown functionality of the file /api/esps of the component HTTP POST Request Handler. The manipulation leads to command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.\n\ud83d\udccf Published: 2025-03-25T02:00:11.956Z\n\ud83d\udccf Modified: 2025-03-25T02:00:11.956Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.300746\n2. https://vuldb.com/?ctiid.300746\n3. https://vuldb.com/?submit.520393\n4. https://github.com/ZIKH26/CVE-information/blob/master/H3C/Vulnerability%20Information_2.md", "creation_timestamp": "2025-03-25T02:23:18.000000Z"}, {"uuid": "85e9671c-acb1-4097-b239-5c47852716b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27269", "type": "seen", "source": "https://t.me/cvedetector/19363", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-27269 - Apache .htaccess Login Cross-site Scripting (XSS)\", \n  \"Content\": \"CVE ID : CVE-2025-27269 \nPublished : March 3, 2025, 2:15 p.m. | 1\u00a0hour, 59\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound .htaccess Login block allows Reflected XSS. This issue affects .htaccess Login block: from n/a through 0.9a. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"03 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-03T18:03:41.000000Z"}, {"uuid": "20882378-2d91-4ac8-87d9-605c155ff98e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27268", "type": "seen", "source": "https://t.me/cvedetector/19362", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-27268 - Enituretechnology Small Package Quotes SQL Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-27268 \nPublished : March 3, 2025, 2:15 p.m. | 1\u00a0hour, 59\u00a0minutes ago \nDescription : Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in enituretechnology Small Package Quotes \u2013 Worldwide Express Edition allows SQL Injection. This issue affects Small Package Quotes \u2013 Worldwide Express Edition: from n/a through 5.2.18. \nSeverity: 9.3 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"03 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-03T18:03:41.000000Z"}, {"uuid": "23c0a1e0-c214-42e8-8b1c-503978f9ef30", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27264", "type": "seen", "source": "https://t.me/cvedetector/19367", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-27264 - NotFound Doctor Appointment Booking PHP Local File Inclusion Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-27264 \nPublished : March 3, 2025, 2:15 p.m. | 1\u00a0hour, 59\u00a0minutes ago \nDescription : Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in NotFound Doctor Appointment Booking allows PHP Local File Inclusion. This issue affects Doctor Appointment Booking: from n/a through 1.0.0. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"03 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-03T18:03:48.000000Z"}, {"uuid": "737b6851-908c-4d17-8c75-4c1268ad9a6e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27267", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/8901", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-27267\n\ud83d\udd25 CVSS Score: 7.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L)\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in srcoley Random Quotes allows Reflected XSS. This issue affects Random Quotes: from n/a through 1.3.\n\ud83d\udccf Published: 2025-03-26T14:24:21.196Z\n\ud83d\udccf Modified: 2025-03-26T17:00:17.453Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/random-quotes/vulnerability/wordpress-random-quotes-plugin-1-3-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-03-26T17:25:26.000000Z"}, {"uuid": "18eaf851-e4ee-4078-a145-04eaa20989fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2726", "type": "published-proof-of-concept", "source": "Telegram/MXLtd6D6lDs-X3W-toegTHLzYyO4SelR8FKZM3tOB5yKLoA", "content": "", "creation_timestamp": "2025-03-25T04:01:20.000000Z"}]}