{"vulnerability": "CVE-2025-3266", "sightings": [{"uuid": "1d2efdd3-e8e8-4269-9b05-bba97292bdf5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3266", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114298409251576479", "content": "", "creation_timestamp": "2025-04-07T19:48:41.946499Z"}, {"uuid": "11d0ba02-0829-4c69-97fb-f11a77a67d35", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3266", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3llzd3nxfuu2f", "content": "", "creation_timestamp": "2025-04-04T21:06:40.716041Z"}, {"uuid": "3172daef-a737-4b2e-bc64-ef42f2db4a1f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32668", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114313038137311581", "content": "", "creation_timestamp": "2025-04-10T09:49:03.336541Z"}, {"uuid": "3f647860-351a-48b6-9d7f-5e9c8e858354", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32668", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lmhfsmqp2o24", "content": "", "creation_timestamp": "2025-04-10T11:32:39.447751Z"}, {"uuid": "93cfa680-2ba1-4670-a4b9-2221ccf4a3e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32663", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lmjwkrjbex2c", "content": "", "creation_timestamp": "2025-04-11T11:37:45.061871Z"}, {"uuid": "e0ceb8b1-6e70-4984-9950-ce2768f16c20", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3266", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/10534", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-3266\n\ud83d\udd25 CVSS Score: 6.9 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A vulnerability, which was classified as critical, has been found in qinguoyi TinyWebServer up to 1.0. Affected by this issue is some unknown functionality of the file /http/http_conn.cpp. The manipulation of the argument name/password leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.\n\ud83d\udccf Published: 2025-04-04T19:31:07.959Z\n\ud83d\udccf Modified: 2025-04-04T19:31:07.959Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.303338\n2. https://vuldb.com/?ctiid.303338\n3. https://vuldb.com/?submit.549227\n4. https://magnificent-dill-351.notion.site/Stack-Overflow-in-TinyWebServer-1-0-1c9c693918ed80229bbce911b3513054", "creation_timestamp": "2025-04-04T19:36:46.000000Z"}, {"uuid": "a50ecdd9-a786-4626-a168-b3c3d892af1d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32663", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114319171487269452", "content": "", "creation_timestamp": "2025-04-11T11:48:45.155184Z"}, {"uuid": "54214d6b-84bb-46e5-bfae-515776316d26", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32660", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114354325083970600", "content": "", "creation_timestamp": "2025-04-17T16:48:45.585811Z"}, {"uuid": "0c4a9a80-69ac-4132-9ae3-3a2a0fb6d01d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32662", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114354325114753007", "content": "", "creation_timestamp": "2025-04-17T16:48:47.666611Z"}, {"uuid": "17b568ee-55b2-4106-a96f-54f36cae330f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32665", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114354325153799279", "content": "", "creation_timestamp": "2025-04-17T16:48:48.096939Z"}, {"uuid": "749f80a8-dd5e-4b78-8812-6471d740978e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32660", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lmzq3c2ntd2b", "content": "", "creation_timestamp": "2025-04-17T18:24:18.923248Z"}, {"uuid": "47d54bc0-1005-4b4a-a084-2091e06d6880", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32662", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lmzq3cewni2a", "content": "", "creation_timestamp": "2025-04-17T18:24:20.509509Z"}, {"uuid": "fa375166-d8dd-4fce-9862-46ae7cbe2eff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32665", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lmzq3dnfgi2h", "content": "", "creation_timestamp": "2025-04-17T18:24:27.272107Z"}, {"uuid": "8fd99c81-b6a5-4f1c-b577-4d4feb1316fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32663", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/11392", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-32663\n\ud83d\udd25 CVSS Score: 8.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in roninwp FAT Cooming Soon allows PHP Local File Inclusion. This issue affects FAT Cooming Soon: from n/a through 1.1.\n\ud83d\udccf Published: 2025-04-11T08:43:02.352Z\n\ud83d\udccf Modified: 2025-04-11T08:43:02.352Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/fat-coming-soon/vulnerability/wordpress-fat-cooming-soon-plugin-1-1-local-file-inclusion-vulnerability?_s_id=cve", "creation_timestamp": "2025-04-11T08:50:16.000000Z"}, {"uuid": "c705f614-c3bd-4fb4-aad5-24dd97f6b92a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32668", "type": "seen", "source": "https://t.me/cvedetector/22625", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-32668 - Rameez Iqbal Real Estate Manager PHP Remote File Inclusion Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-32668 \nPublished : April 10, 2025, 8:15 a.m. | 48\u00a0minutes ago \nDescription : Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Rameez Iqbal Real Estate Manager allows PHP Local File Inclusion. This issue affects Real Estate Manager: from n/a through 7.3. \nSeverity: 8.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"10 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-10T11:10:32.000000Z"}, {"uuid": "68f22a52-0fdf-4e71-8111-47be597e1857", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32669", "type": "seen", "source": "https://t.me/cvedetector/22582", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-32669 - Mergado Pack CSRF Stored XSS\", \n  \"Content\": \"CVE ID : CVE-2025-32669 \nPublished : April 9, 2025, 5:15 p.m. | 1\u00a0hour, 19\u00a0minutes ago \nDescription : Cross-Site Request Forgery (CSRF) vulnerability in MERGADO Mergado Pack allows Stored XSS. This issue affects Mergado Pack: from n/a through 4.1.1. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-09T20:57:30.000000Z"}, {"uuid": "d2c253b8-9a03-46c4-9c2c-d16a6d443509", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32663", "type": "seen", "source": "https://t.me/cvedetector/22737", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-32663 - FAT Cooming Soon PHP Remote File Include Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-32663 \nPublished : April 11, 2025, 9:15 a.m. | 2\u00a0hours, 18\u00a0minutes ago \nDescription : Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in roninwp FAT Cooming Soon allows PHP Local File Inclusion. This issue affects FAT Cooming Soon: from n/a through 1.1. \nSeverity: 8.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"11 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-11T13:56:46.000000Z"}, {"uuid": "d5b9d849-3077-4277-a528-d60f3eb827d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3266", "type": "seen", "source": "https://t.me/cvedetector/22173", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-3266 - Qinguoyi TinyWebServer Stack-Based Buffer Overflow\", \n  \"Content\": \"CVE ID : CVE-2025-3266 \nPublished : April 4, 2025, 8:15 p.m. | 1\u00a0hour, 52\u00a0minutes ago \nDescription : A vulnerability, which was classified as critical, has been found in qinguoyi TinyWebServer up to 1.0. Affected by this issue is some unknown functionality of the file /http/http_conn.cpp. The manipulation of the argument name/password leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. \nSeverity: 7.3 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"05 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-05T00:42:50.000000Z"}]}