{"vulnerability": "CVE-2025-2265", "sightings": [{"uuid": "9eafdd78-d279-482b-9419-b2a6b383cb43", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22652", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3llmqin6uqi2s", "content": "", "creation_timestamp": "2025-03-30T21:02:01.816319Z"}, {"uuid": "5fbd58e6-02fa-4f5d-83a0-d192fb80fff0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22653", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhedyrheu22r", "content": "", "creation_timestamp": "2025-02-04T15:16:16.535116Z"}, {"uuid": "2335ff22-a26d-4555-8f44-dd659d8d6914", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22650", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lii3cbxe5i2o", "content": "", "creation_timestamp": "2025-02-18T20:16:22.759425Z"}, {"uuid": "ce948a97-c084-41db-af44-ace38efc372a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22654", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lii3cecjan2t", "content": "", "creation_timestamp": "2025-02-18T20:16:25.074381Z"}, {"uuid": "e48bc7b0-abc1-4673-a673-2669f3a536d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22656", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lii3chja7z2t", "content": "", "creation_timestamp": "2025-02-18T20:16:28.643500Z"}, {"uuid": "2099a2a3-8259-427b-9d89-cac816e43039", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22657", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lii3cjxghv2g", "content": "", "creation_timestamp": "2025-02-18T20:16:31.060764Z"}, {"uuid": "75699d6a-070c-4cef-a117-aeec68a1ff2b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22654", "type": "seen", "source": "https://bsky.app/profile/darkwebinformer.bsky.social/post/3lii4xsz3g22j", "content": "", "creation_timestamp": "2025-02-18T20:46:20.912105Z"}, {"uuid": "238b8263-1cbf-4e1f-a682-9ad538f7171b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22654", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114027325668107946", "content": "", "creation_timestamp": "2025-02-18T22:48:30.398071Z"}, {"uuid": "6b1a2830-0678-46fc-9a7e-85377eb99e1e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22656", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114027325711410669", "content": "", "creation_timestamp": "2025-02-18T22:48:30.986284Z"}, {"uuid": "5dd09b89-26fd-4caa-87d7-c69637c25018", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22656", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3liihlpwnuy26", "content": "", "creation_timestamp": "2025-02-18T23:56:25.236653Z"}, {"uuid": "a0fec689-f2d6-42ee-9c38-0a33910b57cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22654", "type": "seen", "source": "https://bsky.app/profile/vulnalerts.bsky.social/post/3lijpzzvcrh2c", "content": "", "creation_timestamp": "2025-02-19T12:00:15.985034Z"}, {"uuid": "59a9be2c-48ab-4e19-b98b-e5d5a9433b1e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22654", "type": "seen", "source": "https://bsky.app/profile/vulnalerts.bsky.social/post/3likychk3js2n", "content": "", "creation_timestamp": "2025-02-20T00:00:48.573611Z"}, {"uuid": "2557b1cf-f316-4494-a692-02fd1da46b0c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22652", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/9160", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-22652\n\ud83d\udd25 CVSS Score: 7.6 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L)\n\ud83d\udd39 Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in kendysond Payment Forms for Paystack allows SQL Injection.This issue affects Payment Forms for Paystack: from n/a through 4.0.1.\n\ud83d\udccf Published: 2025-03-27T15:04:44.560Z\n\ud83d\udccf Modified: 2025-03-27T18:16:32.085Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/payment-forms-for-paystack/vulnerability/wordpress-payment-forms-for-paystack-plugin-4-0-1-sql-injection-vulnerability?_s_id=cve", "creation_timestamp": "2025-03-27T18:26:35.000000Z"}, {"uuid": "f2befe5d-0b7b-4b6b-99eb-1a9490a3e381", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22654", "type": "seen", "source": "https://t.me/TheDarkWebInformer/12839", "content": "\ud83d\udea8 Critical Security Vulnerability\n\ud83c\udd94 CVE-2025-22654\n\ud83d\udca3 CVSS Score: 10\n\ud83d\udcc5 Published Date: 25/02/18\n\u26a0\ufe0f Details: Unrestricted Upload of File with Dangerous Type vulnerability in kodeshpa Simplified allows Using Malicious Files. This issue affects Simplified: from n/a through 1.0.6.\n\nNIST: https://nvd.nist.gov/vuln/detail/CVE-2025-22654", "creation_timestamp": "2025-02-18T21:45:35.000000Z"}, {"uuid": "d1afba28-2370-4a09-8cb5-b80776216224", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22657", "type": "seen", "source": "MISP/71f05cce-2beb-4b80-8496-bbbabc032544", "content": "", "creation_timestamp": "2025-08-25T18:31:43.000000Z"}, {"uuid": "afd24c78-0429-4f45-95a4-a1450ac56409", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2265", "type": "seen", "source": "https://t.me/cvedetector/20231", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-2265 - Sante PACS Server.exe Password Hash Truncation Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-2265 \nPublished : March 13, 2025, 5:15 p.m. | 43\u00a0minutes ago \nDescription : The password of a web user in \"Sante PACS Server.exe\" is zero-padded to 0x2000 bytes, SHA1-hashed, base64-encoded, and stored in the USER table in the SQLite database HTTP.db. However, the number of hash bytes encoded and stored is truncated if the hash contains a zero byte \nSeverity: 7.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"13 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-13T19:48:06.000000Z"}, {"uuid": "7c1f3410-9263-4b1e-b24a-89f3b1da1dd1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22657", "type": "seen", "source": "https://t.me/cvedetector/18375", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-22657 - Atarim Missing Authorization Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-22657 \nPublished : Feb. 18, 2025, 8:15 p.m. | 1\u00a0hour, 47\u00a0minutes ago \nDescription : Missing Authorization vulnerability in Vito Peleg Atarim allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Atarim: from n/a through 4.0.9. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-18T23:30:36.000000Z"}, {"uuid": "0c59e6f3-ac10-450c-ada3-b7d1a143ec55", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22656", "type": "seen", "source": "https://t.me/cvedetector/18374", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-22656 - Oscar Alvarez Cookie Monster PHP File Inclusion Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-22656 \nPublished : Feb. 18, 2025, 8:15 p.m. | 1\u00a0hour, 47\u00a0minutes ago \nDescription : Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Oscar Alvarez Cookie Monster allows PHP Local File Inclusion. This issue affects Cookie Monster: from n/a through 1.2.2. \nSeverity: 8.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-18T23:30:36.000000Z"}, {"uuid": "b345fd2c-59db-4f91-9151-0f9260e179c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2265", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/7423", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-2265\n\ud83d\udd25 CVSS Score: 7.8 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: The password of a web user in \"Sante PACS Server.exe\" is zero-padded to 0x2000 bytes, SHA1-hashed, base64-encoded, and stored in the USER table in the SQLite database HTTP.db. However, the number of hash bytes encoded and stored is truncated if the hash contains a zero byte\n\ud83d\udccf Published: 2025-03-13T16:33:28.145Z\n\ud83d\udccf Modified: 2025-03-13T16:33:28.145Z\n\ud83d\udd17 References:\n1. https://www.tenable.com/security/research/tra-2025-08", "creation_timestamp": "2025-03-13T16:45:16.000000Z"}, {"uuid": "d2b01b37-3169-4ba0-8693-6201709e7d79", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22659", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/9158", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-22659\n\ud83d\udd25 CVSS Score: 6.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L)\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themeisle Orbit Fox by ThemeIsle allows Stored XSS.This issue affects Orbit Fox by ThemeIsle: from n/a through 2.10.44.\n\ud83d\udccf Published: 2025-03-27T15:01:50.207Z\n\ud83d\udccf Modified: 2025-03-27T18:17:19.910Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/themeisle-companion/vulnerability/wordpress-orbit-fox-by-themeisle-plugin-2-10-44-cross-site-scripting-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-03-27T18:26:33.000000Z"}, {"uuid": "8ffcb614-245f-4fbb-8b59-60ce56ca2478", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22658", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/9159", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-22658\n\ud83d\udd25 CVSS Score: 7.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L)\n\ud83d\udd39 Description: Cross-Site Request Forgery (CSRF) vulnerability in Deepak Khokhar Listings for Appfolio allows Stored XSS.This issue affects Listings for Appfolio: from n/a through 1.2.0.\n\ud83d\udccf Published: 2025-03-27T15:02:56.064Z\n\ud83d\udccf Modified: 2025-03-27T18:16:58.510Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/listings-for-appfolio/vulnerability/wordpress-listings-for-appfolio-plugin-1-2-0-csrf-to-stored-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-03-27T18:26:34.000000Z"}, {"uuid": "9db5a5bf-746c-4a80-ad1b-e6d32aa7199e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22654", "type": "published-proof-of-concept", "source": "Telegram/Cbd9pH6CBBnHukvSRq1Tu3zR4Xg4YgS90Nvgmtyu7EmMHDA", "content": "", "creation_timestamp": "2025-02-19T22:00:06.000000Z"}, {"uuid": "354b899c-5d60-49b0-9e82-2d0f40c09fd5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22653", "type": "seen", "source": "https://t.me/cvedetector/17219", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-22653 - Templaza Music Press Pro Stored Cross-site Scripting\", \n  \"Content\": \"CVE ID : CVE-2025-22653 \nPublished : Feb. 4, 2025, 3:15 p.m. | 1\u00a0hour, 54\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in templaza Music Press Pro allows Stored XSS. This issue affects Music Press Pro: from n/a through 1.4.6. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"04 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-04T18:54:40.000000Z"}]}