{"vulnerability": "CVE-2025-2952", "sightings": [{"uuid": "5836e144-2586-4606-8ddf-db6026d79d33", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2952", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/9549", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-2952\n\ud83d\udd25 CVSS Score: 5.3 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A vulnerability classified as critical was found in Bluestar Micro Mall 1.0. Affected by this vulnerability is an unknown functionality of the file /api/api.php?mod=upload&type=1. The manipulation of the argument File leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.\n\ud83d\udccf Published: 2025-03-30T15:00:11.185Z\n\ud83d\udccf Modified: 2025-03-30T15:00:11.185Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.302005\n2. https://vuldb.com/?ctiid.302005\n3. https://www.jianshu.com/p/22d3ae38e628?v=1742101731758", "creation_timestamp": "2025-03-30T15:29:39.000000Z"}, {"uuid": "45ba96d9-be07-4e5e-a993-662d06968a24", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-29529", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/13345", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-29529\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: ITC Systems Multiplan/Matrix OneCard platform v3.7.4.1002 was discovered to contain a SQL injection vulnerability via the component Forgotpassword.aspx.\n\ud83d\udccf Published: 2025-04-24T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-24T20:55:46.609Z\n\ud83d\udd17 References:\n1. https://github.com/chamilo/chamilo-lms/commit/beb07770d674fcc9db6df0e59aab107678c28682\n2. https://github.com/Yoshik0xF6/CVE-2025-29529", "creation_timestamp": "2025-04-24T21:07:10.000000Z"}, {"uuid": "503313c7-b026-493a-972e-eaf4d7e1c436", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-29529", "type": "seen", "source": "https://t.me/cvedetector/23705", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-29529 - ITC Systems Multiplan/Matrix OneCard SQL Injection\", \n  \"Content\": \"CVE ID : CVE-2025-29529 \nPublished : April 24, 2025, 9:15 p.m. | 1\u00a0hour, 20\u00a0minutes ago \nDescription : ITC Systems Multiplan/Matrix OneCard platform v3.7.4.1002 was discovered to contain a SQL injection vulnerability via the component Forgotpassword.aspx. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"25 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-25T00:47:12.000000Z"}, {"uuid": "72c9e623-5bcf-4aca-904d-935a83532566", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2952", "type": "seen", "source": "https://t.me/cvedetector/21515", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-2952 - Bluestar Micro Mall Unrestricted File Upload Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-2952 \nPublished : March 30, 2025, 3:15 p.m. | 1\u00a0hour, 11\u00a0minutes ago \nDescription : A vulnerability classified as critical was found in Bluestar Micro Mall 1.0. Affected by this vulnerability is an unknown functionality of the file /api/api.php?mod=upload&type=1. The manipulation of the argument File leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. \nSeverity: 6.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"30 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-30T18:55:46.000000Z"}, {"uuid": "5cb55c02-a2ce-40b7-8105-71d4f67cdb1b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-29529", "type": "published-proof-of-concept", "source": "Telegram/qDzkx44siSc8n4X8sjQ5ZjiFphGSFajZZfESRCa-0oTFNSE", "content": "", "creation_timestamp": "2025-04-23T05:00:06.000000Z"}, {"uuid": "d53c8a39-1ade-452b-9c75-20636f760561", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-29526", "type": "seen", "source": "https://gist.github.com/k4nt0r/6ee5bfe9215cb10a436a03c67cf908fd", "content": "", "creation_timestamp": "2025-04-22T19:02:01.000000Z"}, {"uuid": "0781f96e-b840-4fc9-8b8e-5472621b3c66", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-29529", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lnlvguswor2b", "content": "", "creation_timestamp": "2025-04-24T23:48:12.396248Z"}, {"uuid": "8cf6a6da-7169-4c8d-9479-570812fd213d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-29520", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/115089922710164590", "content": "", "creation_timestamp": "2025-08-25T14:40:55.277731Z"}, {"uuid": "074baf11-de5f-4b37-a6fe-a1865641cc73", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-29521", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/115089922710164590", "content": "", "creation_timestamp": "2025-08-25T14:40:55.355355Z"}, {"uuid": "1061f9bc-7b82-4099-83d1-882d3e286ab7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-29522", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/115089922710164590", "content": "", "creation_timestamp": "2025-08-25T14:40:55.430800Z"}, {"uuid": "56e22eba-2d68-495e-8f92-7483163235d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-29524", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/115089922710164590", "content": "", "creation_timestamp": "2025-08-25T14:40:55.573131Z"}, {"uuid": "49cd430b-8980-4bc4-904b-2b423fe6da66", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-29525", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/115089922710164590", "content": "", "creation_timestamp": "2025-08-25T14:40:55.641268Z"}, {"uuid": "2d78bf23-e0ba-42e3-a7dc-503e466b14f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-29523", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/115090116538832640", "content": "", "creation_timestamp": "2025-08-25T15:30:12.921523Z"}, {"uuid": "be8e0986-9397-459d-bf67-930cbc06e511", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-29529", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/33669", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aCVE-2025-29529\nURL\uff1ahttps://github.com/Yoshik0xF6/CVE-2025-29529\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-04-22T18:15:00.000000Z"}]}