{"vulnerability": "CVE-2025-29980", "sightings": [{"uuid": "b5b784a7-2cea-4189-91c7-c00535250274", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29980", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/8275", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-29980\n\ud83d\udd25 CVSS Score: 9.3 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A SQL injection issue has been discovered in eTRAKiT.net release 3.2.1.77. Due to improper input validation, a remote unauthenticated attacker can run arbitrary commands as the current MS SQL server account. It is recommended that the CRM feature is turned off while on eTRAKiT.net release 3.2.1.77. eTRAKiT.Net is no longer supported, and users are recommended to migrate to the latest version of CentralSquare Community Development.\n\ud83d\udccf Published: 2025-03-20T19:03:05.501Z\n\ud83d\udccf Modified: 2025-03-20T19:03:05.501Z\n\ud83d\udd17 References:\n1. https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/IT/white/2025/va-25-079-01.json", "creation_timestamp": "2025-03-20T19:18:41.000000Z"}, {"uuid": "3cd20fef-f4ed-498a-9b13-c8caca687d41", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29980", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lktozk2zlx2h", "content": "", "creation_timestamp": "2025-03-20T21:59:06.175440Z"}, {"uuid": "6848b70a-7792-4503-b6fd-a66023cadfe9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29980", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114196651102766521", "content": "", "creation_timestamp": "2025-03-20T20:30:11.297132Z"}, {"uuid": "7f6bf373-b293-4c16-87c5-84e1d95d025e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29980", "type": "seen", "source": "https://bsky.app/profile/cyberalerts.bsky.social/post/3lktkmq635l24", "content": "", "creation_timestamp": "2025-03-20T20:40:19.599207Z"}, {"uuid": "72206303-b2fe-4b9a-82d7-c407720efa36", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29980", "type": "seen", "source": "https://bsky.app/profile/vulnalerts.bsky.social/post/3lkv2o5utvi23", "content": "", "creation_timestamp": "2025-03-21T11:00:09.408632Z"}, {"uuid": "292f7bb9-90c7-4348-aaab-d99ce2cf7d1d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29980", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114196722769530679", "content": "", "creation_timestamp": "2025-03-20T20:48:25.781775Z"}, {"uuid": "fd1fd557-9537-4fed-a19d-1d2bfc6022e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29980", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/10783", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-29980\n\ud83d\udd25 CVSS Score: 9.3 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A SQL injection issue has been discovered in eTRAKiT.net release 3.2.1.77. Due to improper input validation, a remote unauthenticated attacker can run arbitrary commands as the current MS SQL server account. It is recommended that the CRM feature is turned off while on eTRAKiT.net release 3.2.1.77. eTRAKiT.Net is no longer supported, and users are recommended to migrate to the latest version of CentralSquare Community Development.\n\ud83d\udccf Published: 2025-03-20T19:03:05.501Z\n\ud83d\udccf Modified: 2025-04-07T20:37:39.482Z\n\ud83d\udd17 References:\n1. https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/IT/white/2025/va-25-079-01.json\n2. https://github.com/cisagov/CSAF/pull/182/files#diff-53861466371a59578b21f5e4b4b6be7b2a6267c5d0fe81eda2a849bf6915ed8d", "creation_timestamp": "2025-04-07T20:46:12.000000Z"}, {"uuid": "2ac5fcdd-dc43-4108-8be5-b657d6fb8b76", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29980", "type": "seen", "source": "https://t.me/cvedetector/20759", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-29980 - eTRAKiT.net SQL Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-29980 \nPublished : March 20, 2025, 7:15 p.m. | 59\u00a0minutes ago \nDescription : A SQL injection issue has been discovered in eTRAKiT.net release 3.2.1.77. Due to improper input validation, a remote unauthenticated attacker can run arbitrary commands as the current MS SQL server account. It is recommended that the CRM feature is turned off while on eTRAKiT.net release 3.2.1.77. eTRAKiT.Net is no longer supported, and users are recommended to migrate to the latest version of CentralSquare Community Development. \nSeverity: 9.8 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-20T21:34:58.000000Z"}, {"uuid": "435cb1f0-d193-4290-a238-58955ab2bd11", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29980", "type": "published-proof-of-concept", "source": "Telegram/sqlAUNS-cbU8Yn3yqBRR2i7kwCaQSr-HL8WHiqAVhMRSKEw", "content": "", "creation_timestamp": "2025-03-20T21:00:24.000000Z"}]}