{"vulnerability": "CVE-2025-4808", "sightings": [{"uuid": "1ade33af-5df7-4591-8147-153c5e1570ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-48080", "type": "seen", "source": "https://bsky.app/profile/potato.software/post/3lpcf7wb6kv2g", "content": "", "creation_timestamp": "2025-05-16T15:54:23.935021Z"}, {"uuid": "5630e219-e593-45fb-9c89-0672768870ea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-48080", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/16698", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-48080\n\ud83d\udd25 CVSS Score: 6.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L)\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Uncanny Owl Uncanny Toolkit for LearnDash allows Stored XSS. This issue affects Uncanny Toolkit for LearnDash: from n/a through 3.7.0.2.\n\ud83d\udccf Published: 2025-05-16T15:45:05.899Z\n\ud83d\udccf Modified: 2025-05-16T16:25:51.962Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/uncanny-learndash-toolkit/vulnerability/wordpress-uncanny-toolkit-for-learndash-3-7-0-2-cross-site-scripting-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-05-16T16:34:43.000000Z"}, {"uuid": "a9963d3c-4179-4a60-8314-193a8ed805b6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-48088", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3m45tt3tye52o", "content": "", "creation_timestamp": "2025-10-27T06:59:52.059276Z"}, {"uuid": "3263cc4f-aff2-4ce6-b3e5-e3e687ebdbc8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4808", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/16758", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-4808\n\ud83d\udd25 CVSS Score: 5.3 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A vulnerability was found in PHPGurukul Park Ticketing Management System 2.0 and classified as critical. This issue affects some unknown processing of the file /add-normal-ticket.php. The manipulation of the argument noadult leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.\n\ud83d\udccf Published: 2025-05-16T20:00:10.452Z\n\ud83d\udccf Modified: 2025-05-16T20:00:10.452Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.309263\n2. https://vuldb.com/?ctiid.309263\n3. https://vuldb.com/?submit.572602\n4. https://github.com/f1rstb100d/myCVE/issues/11\n5. https://phpgurukul.com/", "creation_timestamp": "2025-05-16T20:35:04.000000Z"}]}