{"vulnerability": "CVE-2025-4066", "sightings": [{"uuid": "00403b68-f187-4901-8b21-eab3c021bde6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-40661", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lraygyazrw2s", "content": "", "creation_timestamp": "2025-06-10T13:23:25.615612Z"}, {"uuid": "315440be-6686-443a-8c20-50cdac9557cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4066", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lnxn32w3yy2v", "content": "", "creation_timestamp": "2025-04-29T15:50:26.369399Z"}, {"uuid": "e22f2de8-6cbc-424f-96a0-883d13617b71", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-40663", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lq3ifwk7x452", "content": "", "creation_timestamp": "2025-05-26T15:28:55.876377Z"}, {"uuid": "89563070-4f97-4415-89b7-b061d22eea03", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-40668", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lr6nyb4nsw25", "content": "", "creation_timestamp": "2025-06-09T15:10:54.680916Z"}, {"uuid": "aae9393e-6665-4ab0-9fa5-59ddf549b2b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-40664", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lq3esx5x7w2o", "content": "", "creation_timestamp": "2025-05-26T14:23:41.858524Z"}, {"uuid": "2c7c07a9-2b5f-4d2a-ae44-96e82f52cc42", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-40663", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lq3dp567id27", "content": "", "creation_timestamp": "2025-05-26T14:03:40.385103Z"}, {"uuid": "f3332405-3a9d-4239-a755-a23b300bb402", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-40665", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lq3eb24njm2a", "content": "", "creation_timestamp": "2025-05-26T14:13:41.230606Z"}, {"uuid": "f164134d-a1d0-4396-9854-474148cd248d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-40663", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/17558", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-40663\n\ud83d\udd25 CVSS Score: 5.1 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N)\n\ud83d\udd39 Description: Stored Cross-Site Scripting (XSS) vulnerability in i2A-Cronos version 23.02.01.17, from i2A. It allows an authenticated attacker to upload a malicious SVG image into the user's personal space in /CronosWeb/Modules/Persons/PersonalDocuments/PersonalDocuments.\nThere is no reported fix at this time.\n\ud83d\udccf Published: 2025-05-26T12:55:30.974Z\n\ud83d\udccf Modified: 2025-05-26T12:55:30.974Z\n\ud83d\udd17 References:\n1. https://www.incibe.es/en/incibe-cert/notices/aviso/stored-cross-site-scripting-xss-i2a-cronos-i2a", "creation_timestamp": "2025-05-26T13:47:20.000000Z"}, {"uuid": "2eacb0d1-cadf-41e7-acb5-5ba7eca6ba61", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4066", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/13836", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-4066\n\ud83d\udd25 CVSS Score: 6.9 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A vulnerability was found in ScriptAndTools Online-Travling-System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/addpackage.php. The manipulation leads to improper access controls. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.\n\ud83d\udccf Published: 2025-04-29T14:31:06.683Z\n\ud83d\udccf Modified: 2025-04-29T14:54:58.961Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.306503\n2. https://vuldb.com/?ctiid.306503\n3. https://vuldb.com/?submit.559480\n4. https://www.websecurityinsights.my.id/2025/04/script-and-tools-online-travling-system_82.html", "creation_timestamp": "2025-04-29T15:11:43.000000Z"}, {"uuid": "ac2e629a-c713-48c0-855e-f63922c4a6c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-40668", "type": "published-proof-of-concept", "source": "Telegram/AvRPE1FYyApk1Jln3Af0piOZ09oDjaUbhCE1oirCL83hBqc", "content": "", "creation_timestamp": "2025-06-09T13:02:03.000000Z"}, {"uuid": "74e41c46-d6e4-45b7-be8b-7219010dbc3c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-40669", "type": "published-proof-of-concept", "source": "Telegram/AvRPE1FYyApk1Jln3Af0piOZ09oDjaUbhCE1oirCL83hBqc", "content": "", "creation_timestamp": "2025-06-09T13:02:03.000000Z"}, {"uuid": "33792d1c-6ca8-4312-9ed4-3d4bec303852", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-40667", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/17562", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-40667\n\ud83d\udd25 CVSS Score: 8.7 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: Missing authorization vulnerability in TCMAN's GIM v11. This allows an authenticated attacker to access any functionality of the application even when they are not available through the user interface. To exploit the vulnerability the attacker must modify the HTTP code of the response from \u2018302 Found\u2019 to \u2018200 OK\u2019, as well as the hidden fields hdnReadOnly and hdnUserLogin.\n\ud83d\udccf Published: 2025-05-26T12:49:49.315Z\n\ud83d\udccf Modified: 2025-05-26T12:49:49.315Z\n\ud83d\udd17 References:\n1. https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-tcman-gim-0", "creation_timestamp": "2025-05-26T13:47:27.000000Z"}, {"uuid": "d21a988b-e3f6-44bf-b8d5-35cfedc6088f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-40665", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/17564", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-40665\n\ud83d\udd25 CVSS Score: 8.7 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: Time-based blind SQL injection vulnerabilities in TCMAN's GIM v11. These allow an attacker to retrieve, create, update and delete databases through\u00a0ArbolID parameter in /GIMWeb/PC/frmCorrectivosList.aspx.\n\ud83d\udccf Published: 2025-05-26T12:48:08.755Z\n\ud83d\udccf Modified: 2025-05-26T12:48:08.755Z\n\ud83d\udd17 References:\n1. https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-tcman-gim-0", "creation_timestamp": "2025-05-26T13:47:32.000000Z"}, {"uuid": "5674bd36-73ab-4e41-9eb1-b04b5dbbc5c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-40666", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/17563", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-40666\n\ud83d\udd25 CVSS Score: 8.7 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: Time-based blind SQL injection vulnerabilities in TCMAN's GIM v11. These allow an attacker to retrieve, create, update and delete databases through\u00a0ArbolID parameter in/GIMWeb/PC/frmPreventivosList.aspx.\n\ud83d\udccf Published: 2025-05-26T12:48:21.940Z\n\ud83d\udccf Modified: 2025-05-26T12:48:21.940Z\n\ud83d\udd17 References:\n1. https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-tcman-gim-0", "creation_timestamp": "2025-05-26T13:47:28.000000Z"}, {"uuid": "ad460927-4332-418b-951a-bc0669270fda", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4066", "type": "seen", "source": "https://t.me/cvedetector/24031", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-4066 - ScriptAndTools Online-Travling-System Remote File Inclusion Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-4066 \nPublished : April 29, 2025, 3:15 p.m. | 1\u00a0hour, 30\u00a0minutes ago \nDescription : A vulnerability was found in ScriptAndTools Online-Travling-System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/addpackage.php. The manipulation leads to improper access controls. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. \nSeverity: 7.3 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"29 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-29T19:20:51.000000Z"}, {"uuid": "b456f5c1-a374-4e51-b6d6-9fef47929345", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4066", "type": "seen", "source": "Telegram/BW6CS1c2yfnfr5Hz14FjC2Gy13hRBqMEHYLNjuSPHeFguDw", "content": "", "creation_timestamp": "2025-04-29T18:02:11.000000Z"}, {"uuid": "1f1f6451-a26e-4148-9d35-8e35afe38fa4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-40664", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/17565", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-40664\n\ud83d\udd25 CVSS Score: 9.3 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: Missing authentication vulnerability in TCMAN GIM v11. This allows an unauthenticated attacker to access the resources /frmGestionUser.aspx/GetData, /frmGestionUser.aspx/updateUser and /frmGestionUser.aspx/DeleteUser.\n\ud83d\udccf Published: 2025-05-26T12:47:09.138Z\n\ud83d\udccf Modified: 2025-05-26T12:47:09.138Z\n\ud83d\udd17 References:\n1. https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-tcman-gim-0", "creation_timestamp": "2025-05-26T13:47:33.000000Z"}, {"uuid": "23351a32-e20f-40c2-8345-92e742dd1ea3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-40660", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/17860", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-40660\n\ud83d\udd25 CVSS Score: 6.9 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: An Insecure Direct Object Reference (IDOR) vulnerability has been found in DM Corporative CMS. This vulnerability allows an attacker to access the private area setting the\u00a0option parameter equal to 0, 1 or 2 in /administer/select node/data.asp?mode=catalogue&id1=1&id2=1session=&cod=1&networks=0.\n\ud83d\udccf Published: 2025-06-10T10:06:27.167Z\n\ud83d\udccf Modified: 2025-06-10T10:06:27.167Z\n\ud83d\udd17 References:\n1. https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-dm-corporative-cms-dmacroweb", "creation_timestamp": "2025-06-10T10:33:34.000000Z"}, {"uuid": "0e4a8f5a-4cc8-4d23-9baa-8cacb62448e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-40661", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/17859", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-40661\n\ud83d\udd25 CVSS Score: 6.9 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: An Insecure Direct Object Reference (IDOR) vulnerability has been found in DM Corporative CMS. This vulnerability allows an attacker to access the private area setting the\u00a0option parameter equal to 0, 1 or 2 in /administer/selectionnode/selection.asp.\n\ud83d\udccf Published: 2025-06-10T10:06:40.672Z\n\ud83d\udccf Modified: 2025-06-10T10:06:40.672Z\n\ud83d\udd17 References:\n1. https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-dm-corporative-cms-dmacroweb", "creation_timestamp": "2025-06-10T10:33:33.000000Z"}, {"uuid": "abdcf2ef-2859-445d-b2f4-fb7c0299202b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-40662", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/17858", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-40662\n\ud83d\udd25 CVSS Score: 6.9 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: Absolute path disclosure vulnerability in DM Corporative CMS. This vulnerability allows an attacker to view the contents of webroot/file, if navigating to a non-existent file.\n\ud83d\udccf Published: 2025-06-10T10:07:32.257Z\n\ud83d\udccf Modified: 2025-06-10T10:07:32.257Z\n\ud83d\udd17 References:\n1. https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-dm-corporative-cms-dmacroweb", "creation_timestamp": "2025-06-10T10:33:32.000000Z"}]}