{"vulnerability": "CVE-2025-3856", "sightings": [{"uuid": "b2e7223d-359d-4c5d-bdcc-c6aea878a54e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-38561", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3me6zzvrufd2z", "content": "", "creation_timestamp": "2026-02-06T13:45:16.640072Z"}, {"uuid": "42ec3c75-719b-4ff2-8e09-975b527924a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-38560", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "4c2da770-5a2b-4eff-857e-ccc4a9336f16", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-38562", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "82718c67-1aa3-4902-88e6-7eb86cf3ad19", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-38565", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0398/", "content": "", "creation_timestamp": "2026-04-02T17:00:00.000000Z"}, {"uuid": "9fc46856-d333-4955-8f35-2b4ec77440a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-38565", "type": "published-proof-of-concept", "source": "Telegram/Njdg7hNd6kVHrE8zyDhSRVDaVv1qeC9aHNV71Bz_262lH4E", "content": "", "creation_timestamp": "2026-01-08T22:13:35.000000Z"}, {"uuid": "31a1e3d3-c121-4c56-9277-741bbf04763b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-3856", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lneoz42c6a2d", "content": "", "creation_timestamp": "2025-04-22T03:04:32.254385Z"}, {"uuid": "2a269b87-847c-4fc6-831d-64f2ee08deb6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-38561", "type": "seen", "source": "https://sploitus.com/exploit?id=766139FD-1FD9-52F2-8455-4C511B79C3B6&utm_source=rss&utm_medium=rss", "content": "", "creation_timestamp": "2025-10-08T16:20:08.000000Z"}, {"uuid": "1148d4b5-4d17-4ef1-b33f-821ac69bed2a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-38561", "type": "seen", "source": "https://sploitus.com/exploit?id=766139FD-1FD9-52F2-8455-4C511B79C3B6&utm_source=rss&utm_medium=rss", "content": "", "creation_timestamp": "2025-10-08T16:20:08.000000Z"}, {"uuid": "31ce876e-b235-4661-bd94-1ae8215aa365", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-38561", "type": "seen", "source": "https://sploitus.com/exploit?id=766139FD-1FD9-52F2-8455-4C511B79C3B6&utm_source=rss&utm_medium=rss", "content": "", "creation_timestamp": "2025-10-08T16:20:08.000000Z"}, {"uuid": "928f2524-91ec-4410-bdc3-139f4c8c3d34", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-38561", "type": "seen", "source": "https://gist.github.com/Darkcrai86/c0a6e2baaaa0150544c5a19cedefd623", "content": "", "creation_timestamp": "2025-09-24T20:26:19.000000Z"}, {"uuid": "bca88c57-8788-44dd-b12d-20c4de9f9cfa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-38562", "type": "seen", "source": "http://www.zerodayinitiative.com/advisories/ZDI-25-917/", "content": "", "creation_timestamp": "2025-09-24T03:00:00.000000Z"}, {"uuid": "37055b13-b646-4aa7-a604-3dd8ab9e7783", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-38561", "type": "seen", "source": "http://www.zerodayinitiative.com/advisories/ZDI-25-916/", "content": "", "creation_timestamp": "2025-09-24T03:00:00.000000Z"}, {"uuid": "e9572f1c-61e4-4c8a-a039-de27f908a526", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-38563", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0398/", "content": "", "creation_timestamp": "2026-04-02T17:00:00.000000Z"}, {"uuid": "0db0308b-e687-47a8-9dc5-1a0243bd0b2b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-38561", "type": "published-proof-of-concept", "source": "Telegram/StnFq2aD-oVk9_iOn0KNijqZJTdZ-dJJ6jhCB9DJIxPvPVY", "content": "", "creation_timestamp": "2025-10-08T21:00:04.000000Z"}, {"uuid": "cf412723-0a5f-4879-afee-12b13fd9083b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-38563", "type": "published-proof-of-concept", "source": "Telegram/EmV5qM2rczBRL4srCtTYo4Qe4hr9TGrLsA4GyGEHonbwa6c", "content": "", "creation_timestamp": "2026-01-08T22:13:17.000000Z"}, {"uuid": "ed420c79-50ff-49b3-a93f-8b0964e8f4d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-38565", "type": "published-proof-of-concept", "source": "Telegram/EmV5qM2rczBRL4srCtTYo4Qe4hr9TGrLsA4GyGEHonbwa6c", "content": "", "creation_timestamp": "2026-01-08T22:13:17.000000Z"}, {"uuid": "7e5d94fd-5938-441d-bbd4-a82fd96eb938", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-3856", "type": "seen", "source": "https://t.me/cvedetector/23474", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-3856 - Xxyopen Novel-Plus SQL Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-3856 \nPublished : April 22, 2025, 1:15 a.m. | 31\u00a0minutes ago \nDescription : A vulnerability was found in xxyopen Novel-Plus 5.1.0. It has been classified as critical. This affects the function searchByPage of the file /book/searchByPage. The manipulation of the argument sort leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. \nSeverity: 6.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"22 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-22T04:11:18.000000Z"}, {"uuid": "bd15abc9-99bc-4a69-b165-ef2492c9aea6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-38561", "type": "seen", "source": "https://sploitus.com/exploit?id=766139FD-1FD9-52F2-8455-4C511B79C3B6&utm_source=rss&utm_medium=rss", "content": "", "creation_timestamp": "2025-10-08T16:20:08.000000Z"}, {"uuid": "48d92ecb-cf10-4e9e-85c1-b0154290fa91", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-38561", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-f4fb1a61-9031cda05d52c6b2", "content": "", "creation_timestamp": "2025-09-25T15:32:18.385527Z"}, {"uuid": "acd4de44-ec5b-41ec-9232-5e0ebe996fd6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-38561", "type": "seen", "source": "https://sploitus.com/exploit?id=766139FD-1FD9-52F2-8455-4C511B79C3B6&utm_source=rss&utm_medium=rss", "content": "", "creation_timestamp": "2025-10-08T16:20:08.000000Z"}, {"uuid": "62c8d683-0d92-4951-848d-fed1eb1c1e6e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-38561", "type": "seen", "source": "https://sploitus.com/exploit?id=766139FD-1FD9-52F2-8455-4C511B79C3B6&utm_source=rss&utm_medium=rss", "content": "", "creation_timestamp": "2025-10-08T16:20:08.000000Z"}, {"uuid": "3b9f514f-123e-4ea5-9231-bb515e42bff4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-38561", "type": "seen", "source": "https://sploitus.com/exploit?id=766139FD-1FD9-52F2-8455-4C511B79C3B6&utm_source=rss&utm_medium=rss", "content": "", "creation_timestamp": "2025-10-08T16:20:08.000000Z"}, {"uuid": "e9a30179-237f-4536-8a82-c8fce455c840", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "cve-2025-38561", "type": "seen", "source": "https://gist.github.com/Darkcrai86/cbb906eeeb0d5ff1969cf18bd2f4029e", "content": "", "creation_timestamp": "2025-10-10T16:10:06.000000Z"}, {"uuid": "b161080b-c22d-417a-8c32-4bd3c253f335", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-38560", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8", "content": "", "creation_timestamp": "2025-12-03T14:14:49.267740Z"}, {"uuid": "f02bd895-49fa-4848-8d11-ac53eb506498", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-38561", "type": "published-proof-of-concept", "source": "Telegram/CfZoyzXoZXaLJPdpA7gs5cvbtBQtaDOB9xOJdvsAFUcGeJw", "content": "", "creation_timestamp": "2025-10-08T19:00:09.000000Z"}, {"uuid": "91449fc1-18d9-4b29-b350-6bf47a42e5dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-3856", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/12789", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-3856\n\ud83d\udd25 CVSS Score: 5.3 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A vulnerability was found in xxyopen Novel-Plus 5.1.0. It has been classified as critical. This affects the function searchByPage of the file /book/searchByPage. The manipulation of the argument sort leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.\n\ud83d\udccf Published: 2025-04-22T01:00:11.753Z\n\ud83d\udccf Modified: 2025-04-22T02:00:13.852Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.305781\n2. https://vuldb.com/?ctiid.305781\n3. https://vuldb.com/?submit.557011\n4. https://github.com/exp3n5ive/Vul/blob/main/novel_plus-sqli/novel_plus-sqli.md", "creation_timestamp": "2025-04-22T03:02:51.000000Z"}, {"uuid": "bf6b4a44-57f2-438e-a463-7eb1d35c5ccc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-38561", "type": "seen", "source": "https://sploitus.com/exploit?id=766139FD-1FD9-52F2-8455-4C511B79C3B6&utm_source=rss&utm_medium=rss", "content": "", "creation_timestamp": "2025-10-08T16:20:08.000000Z"}]}