{"vulnerability": "CVE-2025-5167", "sightings": [{"uuid": "5752f114-1398-4d03-8b16-c01351dc1c25", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-51672", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lsjrdsylgm2i", "content": "", "creation_timestamp": "2025-06-26T18:35:32.341306Z"}, {"uuid": "b93708bc-206b-4490-9d7e-69876de8b0ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-51671", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lsjzwgzx3j2u", "content": "", "creation_timestamp": "2025-06-26T21:09:07.576940Z"}, {"uuid": "3b571404-45f7-4f83-b46f-4f9564b50fca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-5167", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lq2imqqdrp2y", "content": "", "creation_timestamp": "2025-05-26T05:59:09.115902Z"}, {"uuid": "12b7350b-4e72-4d68-86ac-a835a723ac08", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-51672", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/19621", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-51672\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A time-based blind SQL injection vulnerability was identified in the PHPGurukul Dairy Farm Shop Management System 1.3. The vulnerability exists in the manage-companies.php file and allows remote attackers to execute arbitrary SQL code via the companyname parameter in a POST request.\n\ud83d\udccf Published: 2025-06-26T00:00:00.000Z\n\ud83d\udccf Modified: 2025-06-26T15:07:44.540Z\n\ud83d\udd17 References:\n1. https://github.com/rtnthakur/CVE/blob/main/PHPGurukul/Dairy-Farm-Shop-Management-System/SQL/SQL_injection_edit-company.md", "creation_timestamp": "2025-06-26T15:52:51.000000Z"}, {"uuid": "06b1ae9c-1cf0-4e08-b46b-ece1aac276ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-51671", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/19619", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-51671\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A SQL injection vulnerability was discovered in the PHPGurukul Dairy Farm Shop Management System 1.3. The vulnerability allows remote attackers to execute arbitrary SQL code via the category and categorycode parameters in a POST request to the manage-categories.php file.\n\ud83d\udccf Published: 2025-06-26T00:00:00.000Z\n\ud83d\udccf Modified: 2025-06-26T15:09:21.132Z\n\ud83d\udd17 References:\n1. https://github.com/rtnthakur/CVE/blob/main/PHPGurukul/Dairy-Farm-Shop-Management-System/SQL/SQL_injection_edit-category.md", "creation_timestamp": "2025-06-26T15:52:46.000000Z"}, {"uuid": "31a7308d-c634-48d8-af54-84fd1cc8a729", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-5167", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/17528", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-5167\n\ud83d\udd25 CVSS Score: 4.8 (cvssV4_0, Vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A vulnerability was found in Open Asset Import Library Assimp 5.4.3. It has been declared as problematic. Affected by this vulnerability is the function LWOImporter::GetS0 in the library assimp/code/AssetLib/LWO/LWOLoader.h. The manipulation of the argument out leads to out-of-bounds read. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The project decided to collect all Fuzzer bugs in a main-issue to address them in the future.\n\ud83d\udccf Published: 2025-05-26T03:31:05.586Z\n\ud83d\udccf Modified: 2025-05-26T03:31:05.586Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.310255\n2. https://vuldb.com/?ctiid.310255\n3. https://vuldb.com/?submit.578002\n4. https://github.com/assimp/assimp/issues/6169\n5. https://github.com/assimp/assimp/issues/6128\n6. https://github.com/user-attachments/files/20208666/reproducer.zip", "creation_timestamp": "2025-05-26T04:47:09.000000Z"}]}