{"vulnerability": "CVE-2025-3169", "sightings": [{"uuid": "475ca3a0-afe9-46e6-9680-f4820ea41b84", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-31693", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114259397967177397", "content": "", "creation_timestamp": "2025-03-31T22:27:33.058646Z"}, {"uuid": "aec4e62f-7d43-46c2-9cdf-792d115ff30b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-31694", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/9786", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-31694\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Incorrect Authorization vulnerability in Drupal Two-factor Authentication (TFA) allows Forceful Browsing.This issue affects Two-factor Authentication (TFA): from 0.0.0 before 1.10.0.\n\ud83d\udccf Published: 2025-03-31T21:51:40.451Z\n\ud83d\udccf Modified: 2025-03-31T21:51:40.451Z\n\ud83d\udd17 References:\n1. https://www.drupal.org/sa-contrib-2025-023", "creation_timestamp": "2025-03-31T22:31:29.000000Z"}, {"uuid": "d41f40ff-2017-4ff0-86d8-a28fab2e6712", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-31695", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/9785", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-31695\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Link field display mode formatter allows Cross-Site Scripting (XSS).This issue affects Link field display mode formatter: from 0.0.0 before 1.6.0.\n\ud83d\udccf Published: 2025-03-31T21:52:55.173Z\n\ud83d\udccf Modified: 2025-03-31T21:52:55.173Z\n\ud83d\udd17 References:\n1. https://www.drupal.org/sa-contrib-2025-024", "creation_timestamp": "2025-03-31T22:31:28.000000Z"}, {"uuid": "4e0ec5d7-2482-47dc-8045-c710cace6170", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-31696", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/9784", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-31696\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal RapiDoc OAS Field Formatter allows Cross-Site Scripting (XSS).This issue affects RapiDoc OAS Field Formatter: from 0.0.0 before 1.0.1.\n\ud83d\udccf Published: 2025-03-31T21:55:01.951Z\n\ud83d\udccf Modified: 2025-03-31T21:55:01.951Z\n\ud83d\udd17 References:\n1. https://www.drupal.org/sa-contrib-2025-025", "creation_timestamp": "2025-03-31T22:31:27.000000Z"}, {"uuid": "c6fb6be0-8e1e-4a8d-b43f-28ec25040318", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-31696", "type": "seen", "source": "https://t.me/cvedetector/21661", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-31696 - Drupal RapiDoc OAS Field Formatter Cross-Site Scripting\", \n  \"Content\": \"CVE ID : CVE-2025-31696 \nPublished : March 31, 2025, 10:15 p.m. | 51\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal RapiDoc OAS Field Formatter allows Cross-Site Scripting (XSS).This issue affects RapiDoc OAS Field Formatter: from 0.0.0 before 1.0.1. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"01 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-01T01:54:30.000000Z"}, {"uuid": "0c2bc9c4-ef2b-4a93-b85c-7f5d4d0c4c2f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-31694", "type": "seen", "source": "https://t.me/cvedetector/21659", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-31694 - Drupal Two-factor Authentication Forceful Browsing Authorization Bypass\", \n  \"Content\": \"CVE ID : CVE-2025-31694 \nPublished : March 31, 2025, 10:15 p.m. | 51\u00a0minutes ago \nDescription : Incorrect Authorization vulnerability in Drupal Two-factor Authentication (TFA) allows Forceful Browsing.This issue affects Two-factor Authentication (TFA): from 0.0.0 before 1.10.0. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"01 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-01T01:54:28.000000Z"}, {"uuid": "3837d739-8bbe-459e-ba2f-456be29f8916", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-31695", "type": "seen", "source": "https://t.me/cvedetector/21660", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-31695 - Drupal Link Field Cross-Site Scripting (XSS)\", \n  \"Content\": \"CVE ID : CVE-2025-31695 \nPublished : March 31, 2025, 10:15 p.m. | 51\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Link field display mode formatter allows Cross-Site Scripting (XSS).This issue affects Link field display mode formatter: from 0.0.0 before 1.6.0. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"01 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-01T01:54:29.000000Z"}, {"uuid": "1ce21115-d3f7-42f9-9401-a5f400604f25", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-31698", "type": "seen", "source": "https://seclists.org/oss-sec/2025/q2/264", "content": "", "creation_timestamp": "2025-06-17T19:26:35.000000Z"}, {"uuid": "a8fa0ded-be90-4087-9357-bfa597dcc775", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-31692", "type": "seen", "source": "https://t.me/cvedetector/21670", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-31692 - Drupal AI OS Command Injection\", \n  \"Content\": \"CVE ID : CVE-2025-31692 \nPublished : March 31, 2025, 10:15 p.m. | 51\u00a0minutes ago \nDescription : Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Drupal AI (Artificial Intelligence) allows OS Command Injection.This issue affects AI (Artificial Intelligence): from 0.0.0 before 1.0.5. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"01 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-01T01:54:40.000000Z"}, {"uuid": "e56c061c-333b-47e8-9ecd-a0e817c67226", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-31691", "type": "seen", "source": "https://t.me/cvedetector/21669", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-31691 - Drupal OAuth2 Server Missing Authorization Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-31691 \nPublished : March 31, 2025, 10:15 p.m. | 51\u00a0minutes ago \nDescription : Missing Authorization vulnerability in Drupal OAuth2 Server allows Forceful Browsing.This issue affects OAuth2 Server: from 0.0.0 before 2.1.0. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"01 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-01T01:54:39.000000Z"}, {"uuid": "d11c568d-ddcb-47e0-a647-0ae67a441e89", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-31690", "type": "seen", "source": "https://t.me/cvedetector/21668", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-31690 - Drupal Cache Utility CSRF\", \n  \"Content\": \"CVE ID : CVE-2025-31690 \nPublished : March 31, 2025, 10:15 p.m. | 51\u00a0minutes ago \nDescription : Cross-Site Request Forgery (CSRF) vulnerability in Drupal Cache Utility allows Cross Site Request Forgery.This issue affects Cache Utility: from 0.0.0 before 1.2.1. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"01 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-01T01:54:38.000000Z"}, {"uuid": "7404916b-4848-4aa4-84cc-670c2b90278d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-31693", "type": "seen", "source": "https://t.me/cvedetector/21671", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-31693 - Drupal AI OS Command Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-31693 \nPublished : March 31, 2025, 10:15 p.m. | 51\u00a0minutes ago \nDescription : Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Drupal AI (Artificial Intelligence) allows OS Command Injection.This issue affects AI (Artificial Intelligence): from 0.0.0 before 1.0.5. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"01 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-01T01:54:41.000000Z"}, {"uuid": "52f36d11-15dc-4712-a8d7-3e806ef45b1f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-31693", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114259397967177397", "content": "", "creation_timestamp": "2025-03-31T22:27:33.048871Z"}, {"uuid": "ec6544ec-8679-4737-bd5c-9413357a62bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-3169", "type": "seen", "source": "https://bsky.app/profile/bluesky.awakari.com/post/3lospzqjlwu27", "content": "", "creation_timestamp": "2025-05-10T10:25:11.778650Z"}, {"uuid": "b8459aef-2a46-4600-b87e-5698267649d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-31697", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/9783", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-31697\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Formatter Suite allows Cross-Site Scripting (XSS).This issue affects Formatter Suite: from 0.0.0 before 2.1.0.\n\ud83d\udccf Published: 2025-03-31T21:55:59.521Z\n\ud83d\udccf Modified: 2025-03-31T21:55:59.521Z\n\ud83d\udd17 References:\n1. https://www.drupal.org/sa-contrib-2025-026", "creation_timestamp": "2025-03-31T22:31:26.000000Z"}, {"uuid": "dc07e528-78dd-4149-81be-82b23685ba7f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-31693", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/10277", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-31693\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Drupal AI (Artificial Intelligence) allows OS Command Injection.This issue affects AI (Artificial Intelligence): from 0.0.0 before 1.0.5.\n\ud83d\udccf Published: 2025-03-31T21:51:17.459Z\n\ud83d\udccf Modified: 2025-04-03T17:24:33.215Z\n\ud83d\udd17 References:\n1. https://www.drupal.org/sa-contrib-2025-022", "creation_timestamp": "2025-04-03T17:35:33.000000Z"}, {"uuid": "c0169c05-91e3-4cbb-861d-44163b1025bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-31692", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/10278", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-31692\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Drupal AI (Artificial Intelligence) allows OS Command Injection.This issue affects AI (Artificial Intelligence): from 0.0.0 before 1.0.5.\n\ud83d\udccf Published: 2025-03-31T21:50:34.673Z\n\ud83d\udccf Modified: 2025-04-03T17:23:24.605Z\n\ud83d\udd17 References:\n1. https://www.drupal.org/sa-contrib-2025-021", "creation_timestamp": "2025-04-03T17:35:34.000000Z"}, {"uuid": "bce5c847-d754-40c0-9907-845f46c9d4ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-3169", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/10285", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-3169\n\ud83d\udd25 CVSS Score: 2.3 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A vulnerability was found in Projeqtor up to 12.0.2. It has been rated as critical. Affected by this issue is some unknown functionality of the file /tool/saveAttachment.php. The manipulation of the argument attachmentFiles leads to unrestricted upload. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. Upgrading to version 12.0.3 is able to address this issue. It is recommended to upgrade the affected component. The vendor explains, that \"this vulnerability can be exploited only on not securely installed instances, as it is adviced during product install: attachment directory should be out of web reach, so that even if executable file can be uploaded, it cannot be executed through the web.\"\n\ud83d\udccf Published: 2025-04-03T17:00:13.550Z\n\ud83d\udccf Modified: 2025-04-03T17:00:13.550Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.303128\n2. https://vuldb.com/?ctiid.303128\n3. https://vuldb.com/?submit.543250\n4. https://github.com/deadmilkman/cve-reports/blob/main/01-projeqtor-rce/readme.md\n5. https://github.com/deadmilkman/cve-reports/blob/main/01-projeqtor-rce/readme.md#proof-of-concept-poc", "creation_timestamp": "2025-04-03T17:35:40.000000Z"}, {"uuid": "7c415b9e-1564-4249-b482-53208a1a6f83", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-31698", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/18973", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-31698\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: ACL configured in ip_allow.config or remap.config does not use IP addresses that are provided by PROXY protocol.\n\nUsers can use a new setting (proxy.config.acl.subjects) to choose which IP addresses to use for the ACL if Apache Traffic Server is configured to accept PROXY protocol.\u00a0\nThis issue affects undefined: from 10.0.0 through 10.0.6, from 9.0.0 through 9.2.10.\n\nUsers are recommended to upgrade to version 9.2.11 or 10.0.6, which fixes the issue.\n\ud83d\udccf Published: 2025-06-19T10:07:46.733Z\n\ud83d\udccf Modified: 2025-06-20T13:32:19.681Z\n\ud83d\udd17 References:\n1. https://lists.apache.org/thread/15t32nxbypqg1m2smp640vjx89o6v5f8", "creation_timestamp": "2025-06-20T14:43:52.000000Z"}, {"uuid": "e1a7edac-c248-4771-88f1-8ee949206ea7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-3169", "type": "seen", "source": "https://t.me/cvedetector/22008", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-3169 - Projeqtor Unrestricted File Upload Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-3169 \nPublished : April 3, 2025, 5:15 p.m. | 1\u00a0hour, 56\u00a0minutes ago \nDescription : A vulnerability was found in Projeqtor up to 12.0.2. It has been rated as critical. Affected by this issue is some unknown functionality of the file /tool/saveAttachment.php. The manipulation of the argument attachmentFiles leads to unrestricted upload. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. Upgrading to version 12.0.3 is able to address this issue. It is recommended to upgrade the affected component. The vendor explains, that \"this vulnerability can be exploited only on not securely installed instances, as it is adviced during product install: attachment directory should be out of web reach, so that even if executable file can be uploaded, it cannot be executed through the web.\" \nSeverity: 5.0 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"03 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-03T21:55:44.000000Z"}, {"uuid": "f8a0bd94-d853-4489-86e1-5e13cf6674ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-31697", "type": "seen", "source": "https://t.me/cvedetector/21662", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-31697 - Drupal Formatter Suite Cross-Site Scripting (XSS)\", \n  \"Content\": \"CVE ID : CVE-2025-31697 \nPublished : March 31, 2025, 10:15 p.m. | 51\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Formatter Suite allows Cross-Site Scripting (XSS).This issue affects Formatter Suite: from 0.0.0 before 2.1.0. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"01 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-01T01:54:31.000000Z"}]}