{"vulnerability": "cve-2025-2297", "sightings": [{"uuid": "1c263d8c-e7ca-43e9-af87-0f66273bade4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22976", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113834804072412874", "content": "", "creation_timestamp": "2025-01-15T22:47:43.937190Z"}, {"uuid": "d271c485-9ab4-4aa5-9d3e-86fb965cb03f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22976", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfsviaxul42c", "content": "", "creation_timestamp": "2025-01-15T23:16:03.067202Z"}, {"uuid": "abe4c1ae-f249-4a5a-8c61-9599c774cddb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22978", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lhetrf5j5e2k", "content": "", "creation_timestamp": "2025-02-04T19:58:28.614709Z"}, {"uuid": "7c7624d1-435b-4f8c-ada3-99efd3775e7d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22978", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhcedaowyr2i", "content": "", "creation_timestamp": "2025-02-03T20:16:48.967538Z"}, {"uuid": "87a714dd-9133-4452-a13f-9cbaa3c215c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22974", "type": "seen", "source": "https://t.me/cvedetector/18840", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-22974 - SeaCMS SQL Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-22974 \nPublished : Feb. 24, 2025, 11:15 p.m. | 1\u00a0hour, 54\u00a0minutes ago \nDescription : SQL Injection vulnerability in SeaCMS v.13.2 and before allows a remote attacker to execute arbitrary code via the DoTranExecSql parameter in the phome.php component. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"25 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-25T02:19:26.000000Z"}, {"uuid": "d778192b-942f-4d2d-abd7-5ddc97717d73", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22978", "type": "seen", "source": "https://bsky.app/profile/vulnalerts.bsky.social/post/3lhekj6q7qw2v", "content": "", "creation_timestamp": "2025-02-04T17:12:52.803882Z"}, {"uuid": "23dde4b2-1ce8-4843-b9d8-0272fbd3ab83", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22974", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114065783713104894", "content": "", "creation_timestamp": "2025-02-25T17:48:53.561055Z"}, {"uuid": "9e45422f-802b-4b15-8a34-10bac83941fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2297", "type": "seen", "source": "https://bsky.app/profile/paxioncyber.bsky.social/post/3lv6tkx2p4s2e", "content": "", "creation_timestamp": "2025-07-30T14:31:51.097158Z"}, {"uuid": "69f562db-e1e2-4e10-862a-a5d9dc6cda2a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22978", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/113946638283274540", "content": "", "creation_timestamp": "2025-02-04T16:48:39.160463Z"}, {"uuid": "0053d1df-9f2f-420f-984a-30e2f1f5b780", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22974", "type": "seen", "source": "https://bsky.app/profile/vulnalerts.bsky.social/post/3lj234b3hv62j", "content": "", "creation_timestamp": "2025-02-26T00:00:57.865621Z"}, {"uuid": "40f5fb44-9dbd-4f64-860e-169b2fdb02d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22973", "type": "seen", "source": "https://t.me/cvedetector/18615", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-22973 - QiboSoft QiboCMS Information Disclosure\", \n  \"Content\": \"CVE ID : CVE-2025-22973 \nPublished : Feb. 20, 2025, 11:15 p.m. | 27\u00a0minutes ago \nDescription : An issue in QiboSoft QiboCMS X1.0 allows a remote attacker to obtain sensitive information via the http_curl() function in the '/application/common. php' file that directly retrieves the URL request response content. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"21 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-21T00:56:17.000000Z"}, {"uuid": "8ad45ed5-f31c-47f0-9d65-f824d633ff7f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22976", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/1883", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-22976\n\ud83d\udd39 Description: SQL Injection vulnerability in dingfanzuCMS v.1.0 allows a local attacker to execute arbitrary code via not filtering the content correctly at the \"checkOrder.php\" shopId module.\n\ud83d\udccf Published: 2025-01-15T00:00:00\n\ud83d\udccf Modified: 2025-01-15T22:41:54.912806\n\ud83d\udd17 References:\n1. https://github.com/xiaosguang/cve/blob/main/dingfanzu/dingfanzu-CMS%20checkOrder.php%20shopId%20SQL-inject.md", "creation_timestamp": "2025-01-15T22:55:10.000000Z"}, {"uuid": "f5c60162-8d11-43a9-9066-2f66b4b32e70", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22978", "type": "seen", "source": "https://t.me/cvedetector/17104", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-22978 - Eladmin CSV Injection\", \n  \"Content\": \"CVE ID : CVE-2025-22978 \nPublished : Feb. 3, 2025, 8:15 p.m. | 22\u00a0minutes ago \nDescription : eladmin <=2.7\nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"03 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-03T21:59:59.000000Z"}, {"uuid": "e96412e2-32e9-4594-b207-355a4e5fa4a5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22974", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/5236", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-22974\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: SQL Injection vulnerability in SeaCMS v.13.2 and before allows a remote attacker to execute arbitrary code via the DoTranExecSql parameter in the phome.php component.\n\ud83d\udccf Published: 2025-02-24T00:00:00.000Z\n\ud83d\udccf Modified: 2025-02-24T22:26:59.173Z\n\ud83d\udd17 References:\n1. https://github.com/202110420106/CVE/blob/master/seacms/CVE-2025-22974.md", "creation_timestamp": "2025-02-24T23:28:02.000000Z"}, {"uuid": "bfddb7a3-b915-4a47-92a7-620ed31f0fa2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22973", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/4837", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-22973\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: An issue in QiboSoft QiboCMS X1.0 allows a remote attacker to obtain sensitive information via the http_curl() function in the '/application/common. php' file that directly retrieves the URL request response content.\n\ud83d\udccf Published: 2025-02-20T00:00:00.000Z\n\ud83d\udccf Modified: 2025-02-20T22:17:37.271Z\n\ud83d\udd17 References:\n1. https://github.com/202110420106/CVE/blob/master/CVE-2025-22973.md", "creation_timestamp": "2025-02-20T23:17:14.000000Z"}, {"uuid": "5298d6fb-9eac-4329-a9c3-a0cf9552fe44", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22976", "type": "seen", "source": "https://t.me/cvedetector/15548", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-22976 - DingfanzuCMS SQL Injection\", \n  \"Content\": \"CVE ID : CVE-2025-22976 \nPublished : Jan. 15, 2025, 11:15 p.m. | 45\u00a0minutes ago \nDescription : SQL Injection vulnerability in dingfanzuCMS v.1.0 allows a local attacker to execute arbitrary code via not filtering the content correctly at the \"checkOrder.php\" shopId module. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"16 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-16T01:10:44.000000Z"}]}