{"vulnerability": "CVE-2025-25064", "sightings": [{"uuid": "291cc93d-14ba-4c20-a9bc-57f0ea66e7da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-25064", "type": "seen", "source": "MISP/71f05cce-2beb-4b80-8496-bbbabc032544", "content": "", "creation_timestamp": "2025-08-25T18:31:43.000000Z"}, {"uuid": "d297019d-aba3-424a-81a1-313f909346ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-25064", "type": "seen", "source": "https://t.me/cvedetector/17100", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-25064 - Zimbra Collaboration SQL Injection weakness\", \n  \"Content\": \"CVE ID : CVE-2025-25064 \nPublished : Feb. 3, 2025, 8:15 p.m. | 22\u00a0minutes ago \nDescription : SQL injection vulnerability in the ZimbraSyncService SOAP endpoint in Zimbra Collaboration 10.0.x before 10.0.12 and 10.1.x before 10.1.4. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"03 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-03T21:59:56.000000Z"}, {"uuid": "78436136-77cb-4d72-a39f-12b0e7641c2b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-25064", "type": "seen", "source": "https://t.me/ton618cyber/2370", "content": "Zimbra Releases Security Updates for SQL Injection, Stored XSS, and SSRF Vulnerabilities\n\nZimbra has patched CVE-2025-25064, a critical SQL injection flaw (CVSS 9.8), and other security bugs. Update now to protect against exploits.\n\nThe Hacker News | thehackernews.com \u2022 Feb 10, 2025", "creation_timestamp": "2025-02-10T12:34:49.000000Z"}, {"uuid": "0986c1ec-e3fa-416e-ab0d-2a826adda8e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-25064", "type": "seen", "source": "https://t.me/ton618cyber/6573", "content": "Zimbra Releases Security Updates for SQL Injection, Stored XSS, and SSRF Vulnerabilities\n\nZimbra has patched CVE-2025-25064, a critical SQL injection flaw (CVSS 9.8), and other security bugs. Update now to protect against exploits.\n\nThe Hacker News | thehackernews.com \u2022 Feb 10, 2025", "creation_timestamp": "2025-02-10T12:34:49.000000Z"}, {"uuid": "07d23953-9d79-4720-a7f5-58602f1554fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-25064", "type": "seen", "source": "Telegram/-9fvifp5SBhmKJGW_cGyMPBmGgQp-30e1wOClZ4NqXCMWA", "content": "", "creation_timestamp": "2025-02-10T12:07:52.000000Z"}, {"uuid": "e85d171d-7a0b-4026-b1ff-14ed2048ae41", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-25064", "type": "seen", "source": "https://t.me/thehackernews/6311", "content": "Zimbra's latest patch addresses three new vulnerabilities:\n\n\u2022 SQL Injection (CVE-2025-25064) exposing email metadata to authenticated attackers.\n\u2022 XSS vulnerability in the Classic Web Client, risking user security.\n\u2022 SSRF flaw (CVE-2025-25065) allowing unauthorized redirection to internal systems.\n\nUpgrade ASAP to avoid potential exploitation and secure your systems.\n\nRead: https://thehackernews.com/2025/02/zimbra-releases-security-updates-for.html", "creation_timestamp": "2025-02-10T10:20:12.000000Z"}, {"uuid": "221ab77c-bfa8-40da-b3a0-89953174e7af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-25064", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113941586596378393", "content": "", "creation_timestamp": "2025-02-03T19:23:55.882480Z"}, {"uuid": "321491a0-fdae-4be0-85b2-8e89b0a51568", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-25064", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhceddalcz2e", "content": "", "creation_timestamp": "2025-02-03T20:16:51.714258Z"}, {"uuid": "073a9afa-b365-42f7-bac5-5f8f75d5dca8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-25064", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/113946638367750447", "content": "", "creation_timestamp": "2025-02-04T16:48:44.529194Z"}, {"uuid": "580364f7-722d-44fb-afa1-e1313ed2624d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-25064", "type": "seen", "source": "https://bsky.app/profile/dinosn.bsky.social/post/3lhs76fqnsc2y", "content": "", "creation_timestamp": "2025-02-10T03:27:16.767259Z"}, {"uuid": "58988182-3f70-4cb3-aa71-f46e982dbdf3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "cve-2025-25064", "type": "seen", "source": "https://bsky.app/profile/kyosuke-tanaka.bsky.social/post/3lhsbix3thc2f", "content": "", "creation_timestamp": "2025-02-10T04:08:57.928445Z"}, {"uuid": "a3ad8f52-8db5-40c9-82e4-5457b44b7bb4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-25064", "type": "seen", "source": "https://bsky.app/profile/hackingne.ws/post/3lhsvbl7a422k", "content": "", "creation_timestamp": "2025-02-10T10:02:41.914438Z"}, {"uuid": "afd399a8-94f8-4386-8e49-6a75970c16bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-25064", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113980202700650905", "content": "", "creation_timestamp": "2025-02-10T15:04:31.105248Z"}, {"uuid": "5e49311f-237e-459c-b343-e3f7487591c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-25064", "type": "seen", "source": "https://thehackernews.com/2025/02/zimbra-releases-security-updates-for.html", "content": "", "creation_timestamp": "2025-02-10T08:09:00.000000Z"}, {"uuid": "741c3b89-84bc-4333-b726-eba4acb1caa1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-25064", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/13526", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aZimbra 10 SQL Injection (CVE-2025-25064) Analysis Article\nURL\uff1ahttps://github.com/yelang123/Zimbra10_SQL_Injection\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-02-15T04:18:59.000000Z"}, {"uuid": "81e75cdf-84fe-4734-89a2-4c0b5cf8aede", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-25064", "type": "published-proof-of-concept", "source": "Telegram/7E49vHU2s25U1RVXxjOvncvpdcj7eVYEF75smm769Cd7IQs", "content": "", "creation_timestamp": "2025-02-15T10:00:05.000000Z"}, {"uuid": "6428295d-ace1-4698-91b0-5213b03b095a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-25064", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lhckksnvcd2h", "content": "", "creation_timestamp": "2025-02-03T22:08:31.200418Z"}, {"uuid": "60a10a62-7dc0-41f5-a3ba-bb213d853d05", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-25064", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lhuigf3u622h", "content": "", "creation_timestamp": "2025-02-11T01:18:08.441383Z"}, {"uuid": "e21804cb-83ee-4f4f-b7c0-607a41049208", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-25064", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/7608", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-25064\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: SQL injection vulnerability in the ZimbraSync Service SOAP endpoint in Zimbra Collaboration 10.0.x before 10.0.12 and 10.1.x before 10.1.4 due to insufficient sanitization of a user-supplied parameter. Authenticated attackers can exploit this vulnerability by manipulating a specific parameter in the request, allowing them to inject arbitrary SQL queries that could retrieve email metadata.\n\ud83d\udccf Published: 2025-02-03T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-14T17:22:58.099Z\n\ud83d\udd17 References:\n1. https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories\n2. https://wiki.zimbra.com/wiki/Zimbra_Releases/10.1.4#Security_Fixes\n3. https://wiki.zimbra.com/wiki/Zimbra_Releases/10.0.12#Security_Fixes", "creation_timestamp": "2025-03-14T17:48:53.000000Z"}, {"uuid": "bd5dff62-6481-48c4-9ccf-aed27cdd59d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-25064", "type": "seen", "source": "https://bsky.app/profile/vulnalerts.bsky.social/post/3lhekj725662z", "content": "", "creation_timestamp": "2025-02-04T17:12:53.620881Z"}, {"uuid": "47cc140a-2b6d-4da6-8508-7120f4e63940", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-25064", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3lhtyzxaqzh2u", "content": "", "creation_timestamp": "2025-02-10T20:42:41.590941Z"}, {"uuid": "a184b033-fa52-47b1-81c2-60742ae3779d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-25064", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lhuifazwf22h", "content": "", "creation_timestamp": "2025-02-11T01:17:32.568637Z"}, {"uuid": "618844ca-7678-435d-9d6e-75ab892f77ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-25064", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-7857acd2-07bf4dd25bfb5d6f", "content": "", "creation_timestamp": "2025-02-11T07:19:35.405538Z"}, {"uuid": "dac9fdc4-d0eb-43db-9075-533fab228d29", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-25064", "type": "seen", "source": "https://threatintel.cc/2025/02/11/zimbra-releases-security-updates-for.html", "content": "", "creation_timestamp": "2025-02-11T12:06:15.000000Z"}, {"uuid": "962e17bd-27b4-478a-b97a-65cc9fa2a22e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-25064", "type": "seen", "source": "https://bsky.app/profile/aakl.bsky.social/post/3lkoabw6otc2i", "content": "", "creation_timestamp": "2025-03-18T17:52:06.844892Z"}]}