{"vulnerability": "CVE-2025-2727", "sightings": [{"uuid": "ef60cdcb-cc55-47d9-bb5c-45355d9e91eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27276", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lix3n5mkuv2g", "content": "", "creation_timestamp": "2025-02-24T19:32:25.622943Z"}, {"uuid": "efc2b47d-28d8-4352-ab6e-0ae3fa329395", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27270", "type": "seen", "source": "https://bsky.app/profile/vulnalerts.bsky.social/post/3ljkg3scpzn2i", "content": "", "creation_timestamp": "2025-03-04T12:00:10.423088Z"}, {"uuid": "90c4b460-2dc8-4ca7-996b-c5659d67a1eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27270", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114099286065307421", "content": "", "creation_timestamp": "2025-03-03T15:49:00.305380Z"}, {"uuid": "eb1e0628-e650-4e19-85bc-b86750c46f09", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27278", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ljikjrveuh2i", "content": "", "creation_timestamp": "2025-03-03T18:14:13.334921Z"}, {"uuid": "5b623499-1070-4cfa-b2b4-cd586e067aa9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27276", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114060119802420695", "content": "", "creation_timestamp": "2025-02-24T17:48:29.610262Z"}, {"uuid": "3760f673-e154-4cbf-bbe8-b8aafa5a0e85", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27275", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ljikjrnkac2v", "content": "", "creation_timestamp": "2025-03-03T18:14:12.284108Z"}, {"uuid": "0ed1f52c-633d-47f1-960b-aa5d31a4b33a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27274", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ljikjrryrh26", "content": "", "creation_timestamp": "2025-03-03T18:14:12.837435Z"}, {"uuid": "42734af5-ac6b-4290-8608-68a7d129d4ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2727", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114221259355489496", "content": "", "creation_timestamp": "2025-03-25T04:48:23.658860Z"}, {"uuid": "42be91f8-6299-412c-a485-c0d8d7d8f660", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27270", "type": "seen", "source": "https://bsky.app/profile/vulnalerts.bsky.social/post/3ljj5ufsdhw2b", "content": "", "creation_timestamp": "2025-03-04T00:00:12.780236Z"}, {"uuid": "e6a95a02-e7e4-4f8d-8e6e-0baa70c13128", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27278", "type": "seen", "source": "MISP/e1f6260f-3311-441b-92ae-e04cd5eb5f72", "content": "", "creation_timestamp": "2025-08-19T13:26:46.000000Z"}, {"uuid": "2bdc3f61-f0b1-4bc7-9ad4-64aec93ad909", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2727", "type": "seen", "source": "https://t.me/cvedetector/21028", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-2727 - H3C Magic NX30 Pro HTTP POST Request Handler Command Injection\", \n  \"Content\": \"CVE ID : CVE-2025-2727 \nPublished : March 25, 2025, 3:15 a.m. | 23\u00a0minutes ago \nDescription : A vulnerability, which was classified as critical, was found in H3C Magic NX30 Pro up to V100R007. This affects an unknown part of the file /api/wizard/getNetworkStatus of the component HTTP POST Request Handler. The manipulation leads to command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. \nSeverity: 8.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"25 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-25T05:16:33.000000Z"}, {"uuid": "9cc651e2-b5d1-478e-85f2-d5b53b512b2c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27270", "type": "seen", "source": "MISP/e1f6260f-3311-441b-92ae-e04cd5eb5f72", "content": "", "creation_timestamp": "2025-08-19T13:26:45.000000Z"}, {"uuid": "409713cd-ac05-48a3-a7ad-21ed79e45d9f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27271", "type": "seen", "source": "MISP/e1f6260f-3311-441b-92ae-e04cd5eb5f72", "content": "", "creation_timestamp": "2025-08-19T13:26:45.000000Z"}, {"uuid": "7f854527-fb5e-4caa-9f01-2abbfddcf466", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27271", "type": "seen", "source": "https://t.me/cvedetector/19368", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-27271 - NotFound Database Cross-site Scripting (XSS)\", \n  \"Content\": \"CVE ID : CVE-2025-27271 \nPublished : March 3, 2025, 2:15 p.m. | 1\u00a0hour, 59\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound DB Tables Import/Export allows Reflected XSS. This issue affects DB Tables Import/Export: from n/a through 1.0.1. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"03 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-03T18:03:49.000000Z"}, {"uuid": "a012b34d-e331-4009-9167-243b2cf032db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27279", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/6221", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-27279\n\ud83d\udd25 CVSS Score: 7.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L)\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Flashfader allows Reflected XSS. This issue affects Flashfader: from n/a through 1.1.1.\n\ud83d\udccf Published: 2025-03-03T13:30:31.244Z\n\ud83d\udccf Modified: 2025-03-03T13:30:31.244Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/flashfader/vulnerability/wordpress-flashfader-plugin-1-1-1-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-03-03T14:30:18.000000Z"}, {"uuid": "61d4a952-0deb-4e35-b815-0cd4a6ecc793", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27278", "type": "seen", "source": "https://t.me/cvedetector/19360", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-27278 - AcuGIS Leaflet Maps Cross-site Scripting (XSS)\", \n  \"Content\": \"CVE ID : CVE-2025-27278 \nPublished : March 3, 2025, 2:15 p.m. | 1\u00a0hour, 59\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound AcuGIS Leaflet Maps allows Reflected XSS. This issue affects AcuGIS Leaflet Maps: from n/a through 5.1.1.0. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"03 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-03T18:03:36.000000Z"}, {"uuid": "9a996a8c-8e56-4d8a-bef8-52f89ce628d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27275", "type": "seen", "source": "https://t.me/cvedetector/19359", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-27275 - Andrew Fisher WOO Codice Fiscale Cross-site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-27275 \nPublished : March 3, 2025, 2:15 p.m. | 1\u00a0hour, 59\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in andrew_fisher WOO Codice Fiscale allows Reflected XSS. This issue affects WOO Codice Fiscale: from n/a through 1.6.3. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"03 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-03T18:03:35.000000Z"}, {"uuid": "8c83c9b2-6423-4d82-9ea3-29de36071e9c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27279", "type": "seen", "source": "https://t.me/cvedetector/19361", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-27279 - Flashfader Cross-site Scripting\", \n  \"Content\": \"CVE ID : CVE-2025-27279 \nPublished : March 3, 2025, 2:15 p.m. | 1\u00a0hour, 59\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Flashfader allows Reflected XSS. This issue affects Flashfader: from n/a through 1.1.1. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"03 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-03T18:03:37.000000Z"}, {"uuid": "858afb35-d221-4146-a956-de8f3c774482", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27274", "type": "seen", "source": "https://t.me/cvedetector/19366", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-27274 - GPX Viewer Path Traversal Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-27274 \nPublished : March 3, 2025, 2:15 p.m. | 1\u00a0hour, 59\u00a0minutes ago \nDescription : Path Traversal vulnerability in NotFound GPX Viewer allows Path Traversal. This issue affects GPX Viewer: from n/a through 2.2.11. \nSeverity: 4.9 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"03 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-03T18:03:44.000000Z"}, {"uuid": "d97a3549-8035-4173-86b1-e3b32d13947c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27273", "type": "seen", "source": "https://t.me/cvedetector/19365", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-27273 - Winking Affiliate Links Manager Cross-Site Scripting (XSS)\", \n  \"Content\": \"CVE ID : CVE-2025-27273 \nPublished : March 3, 2025, 2:15 p.m. | 1\u00a0hour, 59\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in winking Affiliate Links Manager allows Reflected XSS. This issue affects Affiliate Links Manager: from n/a through 1.0. \nSeverity: 5.8 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"03 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-03T18:03:43.000000Z"}, {"uuid": "397dee60-fe22-4197-801f-9ca7adf8fc1d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27270", "type": "seen", "source": "https://t.me/cvedetector/19364", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-27270 - NotFoundError Missing Authorization Privilege Escalation\", \n  \"Content\": \"CVE ID : CVE-2025-27270 \nPublished : March 3, 2025, 2:15 p.m. | 1\u00a0hour, 59\u00a0minutes ago \nDescription : Missing Authorization vulnerability in NotFound Residential Address Detection allows Privilege Escalation. This issue affects Residential Address Detection: from n/a through 2.5.4. \nSeverity: 9.8 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"03 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-03T18:03:42.000000Z"}, {"uuid": "c30953d9-bd0b-4543-89ae-4fa0947672cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27277", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/5183", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-27277\n\ud83d\udd25 CVSS Score: 7.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L)\n\ud83d\udd39 Description: Cross-Site Request Forgery (CSRF) vulnerability in tiefpunkt Add Linked Images To Gallery allows Cross Site Request Forgery. This issue affects Add Linked Images To Gallery: from n/a through 1.4.\n\ud83d\udccf Published: 2025-02-24T14:48:47.667Z\n\ud83d\udccf Modified: 2025-02-24T17:01:43.297Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/add-linked-images-to-gallery-v01/vulnerability/wordpress-add-linked-images-to-gallery-plugin-1-4-csrf-to-stored-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-02-24T17:21:48.000000Z"}, {"uuid": "28c4bfbd-dcae-4e79-a107-08d03d93f917", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2727", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/8588", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-2727\n\ud83d\udd25 CVSS Score: 8.7 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A vulnerability, which was classified as critical, was found in H3C Magic NX30 Pro up to V100R007. This affects an unknown part of the file /api/wizard/getNetworkStatus of the component HTTP POST Request Handler. The manipulation leads to command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.\n\ud83d\udccf Published: 2025-03-25T02:31:03.932Z\n\ud83d\udccf Modified: 2025-03-25T02:31:03.932Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.300747\n2. https://vuldb.com/?ctiid.300747\n3. https://vuldb.com/?submit.520394\n4. https://github.com/ggstrunk/CVE/blob/main/wizard_getNetworkStatus.md", "creation_timestamp": "2025-03-25T03:24:21.000000Z"}, {"uuid": "d2655bfb-40be-4379-91b2-989c292621fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2727", "type": "published-proof-of-concept", "source": "Telegram/MXLtd6D6lDs-X3W-toegTHLzYyO4SelR8FKZM3tOB5yKLoA", "content": "", "creation_timestamp": "2025-03-25T04:01:20.000000Z"}]}