{"vulnerability": "CVE-2025-3312", "sightings": [{"uuid": "84deb254-3f5a-4b4f-ba27-829a225bc887", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-33121", "type": "seen", "source": "Telegram/mV5RUt-ErcEv8IWl-QMPKS-gDP3S7xJltTWYiLhYR65BNak", "content": "", "creation_timestamp": "2025-06-19T18:02:29.000000Z"}, {"uuid": "c6525a57-e470-4e07-832a-31c49f476815", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-33122", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/18631", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-33122\n\ud83d\udd25 CVSS Score: 7.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: IBM i 7.2, 7.3, 7.4, 7.5, and 7.6 could allow a user to gain elevated privileges due to an unqualified library call in IBM Advanced Job Scheduler for i. A malicious actor could cause user-controlled code to run with administrator privilege.\n\ud83d\udccf Published: 2025-06-17T17:13:00.835Z\n\ud83d\udccf Modified: 2025-06-17T17:25:49.342Z\n\ud83d\udd17 References:\n1. https://www.ibm.com/support/pages/node/7237040", "creation_timestamp": "2025-06-17T17:42:11.000000Z"}, {"uuid": "98b92962-7371-4b45-998d-fb3b1a76a3c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-33121", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/18873", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-33121\n\ud83d\udd25 CVSS Score: 7.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L)\n\ud83d\udd39 Description: IBM QRadar SIEM 7.5 through 7.5.0 Update Package 12  is vulnerable to an XML external entity injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources.\n\ud83d\udccf Published: 2025-06-19T17:14:42.786Z\n\ud83d\udccf Modified: 2025-06-19T17:15:00.717Z\n\ud83d\udd17 References:\n1. https://www.ibm.com/support/pages/node/7237317", "creation_timestamp": "2025-06-19T17:40:59.000000Z"}, {"uuid": "6d021372-ff94-4a7f-ac44-06b8135a8073", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-3312", "type": "seen", "source": "https://t.me/cvedetector/22218", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-3312 - PHPGurukul Men Salon Management System SQL Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-3312 \nPublished : April 6, 2025, 7:15 a.m. | 2\u00a0hours, 13\u00a0minutes ago \nDescription : A vulnerability, which was classified as critical, has been found in PHPGurukul Men Salon Management System 1.0. This issue affects some unknown processing of the file /admin/add-customer-services.php. The manipulation of the argument sids[] leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. \nSeverity: 7.3 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"06 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-06T11:48:13.000000Z"}, {"uuid": "455d99d8-dcde-4c57-bd97-9fe6fee598e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-33121", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lrycpppmx525", "content": "", "creation_timestamp": "2025-06-19T19:58:30.059806Z"}, {"uuid": "da0f09ba-8b61-40b0-bfea-a17f9d2c62ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-3312", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/10631", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-3312\n\ud83d\udd25 CVSS Score: 6.9 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A vulnerability, which was classified as critical, has been found in PHPGurukul Men Salon Management System 1.0. This issue affects some unknown processing of the file /admin/add-customer-services.php. The manipulation of the argument sids[] leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.\n\ud83d\udccf Published: 2025-04-06T07:00:10.914Z\n\ud83d\udccf Modified: 2025-04-06T07:00:10.914Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.303509\n2. https://vuldb.com/?ctiid.303509\n3. https://vuldb.com/?submit.550199\n4. https://github.com/FIGHTINGTMQ/CVE/issues/2\n5. https://phpgurukul.com/", "creation_timestamp": "2025-04-06T07:38:00.000000Z"}, {"uuid": "569cba8b-193c-462a-a617-a34d79c7822d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-3312", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lm544l6quc24", "content": "", "creation_timestamp": "2025-04-06T09:12:35.409159Z"}, {"uuid": "f282da0b-4a65-4293-9541-35a122de77e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-33122", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114699974886882106", "content": "", "creation_timestamp": "2025-06-17T17:52:02.953827Z"}, {"uuid": "5d972719-1819-446d-95ad-389521c8495c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-3312", "type": "published-proof-of-concept", "source": "Telegram/UniB57STuDvdE48xUY8fEONrPJBrVxr-UljY-0_y9mj8GYk", "content": "", "creation_timestamp": "2025-04-06T10:00:59.000000Z"}, {"uuid": "1e4acb3f-a5e4-4f57-a958-4527fc8a9dc5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-33121", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lrz3iauwzk2y", "content": "", "creation_timestamp": "2025-06-20T03:21:44.216831Z"}]}