{"vulnerability": "CVE-2025-2965", "sightings": [{"uuid": "218eb231-8efe-4da6-9f67-d3bd84851dc4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2965", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/9559", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-2965\n\ud83d\udd25 CVSS Score: 5.1 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A vulnerability has been found in ConcreteCMS up to 9.3.9 and classified as problematic. Affected by this vulnerability is the function Save of the component Accordion Block Handler. The manipulation of the argument Title/Body Source leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.\n\ud83d\udccf Published: 2025-03-30T23:00:09.762Z\n\ud83d\udccf Modified: 2025-03-30T23:00:09.762Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.302017\n2. https://vuldb.com/?ctiid.302017\n3. https://vuldb.com/?submit.522415\n4. https://github.com/yaowenxiao721/Poc/blob/main/Concretecms/Concretecms-poc3.md", "creation_timestamp": "2025-03-30T23:29:56.000000Z"}, {"uuid": "324904d3-53c8-4b21-8016-aff7d463d01e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29651", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114353854202263361", "content": "", "creation_timestamp": "2025-04-17T14:49:00.840886Z"}, {"uuid": "bcd06a2d-a158-4a7c-9aa7-de97064168fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29652", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114353854237880441", "content": "", "creation_timestamp": "2025-04-17T14:49:01.246346Z"}, {"uuid": "87810c4b-44ff-46f8-b49b-654ef0afaba5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29653", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114353854273473727", "content": "", "creation_timestamp": "2025-04-17T14:49:01.788890Z"}, {"uuid": "9e480702-e168-47c7-a25c-3092ba904e47", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29659", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114376800501667579", "content": "", "creation_timestamp": "2025-04-21T16:04:33.116336Z"}, {"uuid": "4125ea7d-9626-4f1d-8e13-6ee59a25da5d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29659", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lndkntlln22h", "content": "", "creation_timestamp": "2025-04-21T16:13:56.563829Z"}, {"uuid": "7fb6c1b3-aaf6-4c1c-89b2-7a333e07aca7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29659", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114376973636531600", "content": "", "creation_timestamp": "2025-04-21T16:48:35.251782Z"}, {"uuid": "246e1091-d690-4d35-b11e-b4d9b21c5fd2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29659", "type": "seen", "source": "https://bsky.app/profile/redteamnews.bsky.social/post/3lndvf3fydx2d", "content": "", "creation_timestamp": "2025-04-21T19:25:53.154831Z"}, {"uuid": "e197eaf0-b9aa-479c-b472-61242728b460", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29650", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/12143", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-29650\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: SQL Injection vulnerability exists in the TP-Link M7200 4G LTE Mobile Wi-Fi Router Firmware Version: 1.0.7 Build 180127 Rel.55998n, allowing an unauthenticated attacker to inject malicious SQL statements via the username and password fields.\n\ud83d\udccf Published: 2025-04-16T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-16T19:31:48.057Z\n\ud83d\udd17 References:\n1. https://github.com/TheVeteran1/Vulnerability-Research/blob/main/CVE-2025-29650", "creation_timestamp": "2025-04-16T19:56:28.000000Z"}, {"uuid": "934024f5-f3ef-4c85-997a-a5fa50af27e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29652", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/12211", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-29652\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: SQL Injection vulnerability exists in the TP-Link M7000 4G LTE Mobile Wi-Fi Router Firmware Version: 1.0.7 Build 180127 Rel.55998n, allowing an unauthenticated attacker to inject malicious SQL statements via the username and password fields\n\ud83d\udccf Published: 2025-04-16T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-17T13:54:00.438Z\n\ud83d\udd17 References:\n1. https://github.com/TheVeteran1/Vulnerability-Research/blob/main/CVE-2025-29652", "creation_timestamp": "2025-04-17T13:57:38.000000Z"}, {"uuid": "18f7393a-75cb-4810-9b3a-afa2fce38baa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29651", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/13162", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-29651\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: SQL Injection vulnerability exists in the TP-Link M7650 4G LTE Mobile Wi-Fi Router Firmware Version: 1.0.7 Build 170623 Rel.1022n, allowing an unauthenticated attacker to inject malicious SQL statements via the username and password fields. NOTE: this is disputed because the issue can only be reproduced on a supplier-provided emulator, where access control is intentionally absent for ease of functional testing.\n\ud83d\udccf Published: 2025-04-16T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-23T23:40:51.389Z\n\ud83d\udd17 References:\n1. https://github.com/TheVeteran1/Vulnerability-Research/blob/main/CVE-2025-29651", "creation_timestamp": "2025-04-24T00:05:19.000000Z"}, {"uuid": "fac6f681-bc38-447a-aa24-59504d2d5c8f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29659", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/12683", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-29659\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Yi IOT XY-3820 6.0.24.10 is vulnerable to Remote Command Execution via the \"cmd_listen\" function located in the \"cmd\" binary.\n\ud83d\udccf Published: 2025-04-21T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-21T14:28:03.430Z\n\ud83d\udd17 References:\n1. https://github.com/Yasha-ops/RCE-YiIOT\n2. https://github.com/Yasha-ops/vulnerability-research/tree/master/CVE-2025-29659", "creation_timestamp": "2025-04-21T15:03:08.000000Z"}, {"uuid": "e6f9127a-6f31-4a37-aa4e-1c153afe8067", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29653", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/12213", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-29653\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: SQL Injection vulnerability exists in the TP-Link M7450 4G LTE Mobile Wi-Fi Router Firmware Version: 1.0.2 Build 170306 Rel.1015n, allowing an unauthenticated attacker to inject malicious SQL statements via the username and password fields.\n\ud83d\udccf Published: 2025-04-16T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-17T13:52:37.656Z\n\ud83d\udd17 References:\n1. https://github.com/TheVeteran1/Vulnerability-Research/blob/main/CVE-2025-29653", "creation_timestamp": "2025-04-17T13:57:40.000000Z"}, {"uuid": "b26f120a-d723-43f2-b3a7-da03e478f942", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29659", "type": "seen", "source": "https://t.me/cvedetector/23437", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-29659 - Yi IOT XY-3820 Remote Command Execution Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-29659 \nPublished : April 21, 2025, 3:16 p.m. | 26\u00a0minutes ago \nDescription : Yi IOT XY-3820 6.0.24.10 is vulnerable to Remote Command Execution via the \"cmd_listen\" function located in the \"cmd\" binary. \nSeverity: 9.8 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"21 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-21T18:09:12.000000Z"}, {"uuid": "22071bc0-9741-48e7-974f-e8ef26bdb604", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2965", "type": "seen", "source": "https://t.me/cvedetector/21528", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-2965 - ConcreteCMS Accordion Block Handler Cross-Site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-2965 \nPublished : March 30, 2025, 11:15 p.m. | 1\u00a0hour, 25\u00a0minutes ago \nDescription : A vulnerability has been found in ConcreteCMS up to 9.3.9 and classified as problematic. Affected by this vulnerability is the function Save of the component Accordion Block Handler. The manipulation of the argument Title/Body Source leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. \nSeverity: 3.5 | LOW \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"31 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-31T03:17:36.000000Z"}]}