{"vulnerability": "CVE-2025-4695", "sightings": [{"uuid": "197c0257-73a3-4733-8772-908e8a0023e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4695", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lp7rvhya4d2w", "content": "", "creation_timestamp": "2025-05-15T15:03:19.712362Z"}, {"uuid": "b127c127-9a98-4851-aff5-0d6f65a2c551", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4695", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/16465", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-4695\n\ud83d\udd25 CVSS Score: 5.3 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A vulnerability was found in PHPGurukul Cyber Cafe Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /add-users.php. The manipulation of the argument uadd leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.\n\ud83d\udccf Published: 2025-05-15T12:31:05.940Z\n\ud83d\udccf Modified: 2025-05-15T12:31:05.940Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.308994\n2. https://vuldb.com/?ctiid.308994\n3. https://vuldb.com/?submit.567673\n4. https://github.com/Iandweb/CVE/issues/14\n5. https://phpgurukul.com/", "creation_timestamp": "2025-05-15T12:34:11.000000Z"}, {"uuid": "5887fc4c-22f9-4180-a22d-6d82ddb94fba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46954", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/18004", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-46954\n\ud83d\udd25 CVSS Score: 5.4 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N)\n\ud83d\udd39 Description: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field.\n\ud83d\udccf Published: 2025-06-10T22:20:32.374Z\n\ud83d\udccf Modified: 2025-06-10T22:20:32.374Z\n\ud83d\udd17 References:\n1. https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", "creation_timestamp": "2025-06-10T22:32:26.000000Z"}, {"uuid": "f8220f45-10e8-45a3-8550-e5b509bcf95a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46951", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/18011", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-46951\n\ud83d\udd25 CVSS Score: 5.4 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N)\n\ud83d\udd39 Description: Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field.\n\ud83d\udccf Published: 2025-06-10T22:20:25.046Z\n\ud83d\udccf Modified: 2025-06-10T22:20:25.046Z\n\ud83d\udd17 References:\n1. https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html", "creation_timestamp": "2025-06-10T22:32:38.000000Z"}]}