{"vulnerability": "CVE-2025-4301", "sightings": [{"uuid": "ca19e381-d14c-4a71-818c-8bac3fa28460", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-4301", "type": "seen", "source": "Telegram/6XDP4M1wkfL7m7vq90Tisvnt9Hir_tEqb2ho5KerLaKNi_8", "content": "", "creation_timestamp": "2025-05-06T04:01:13.000000Z"}, {"uuid": "13010151-0af9-4231-b66b-3d76598e899a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-4301", "type": "exploited", "source": "https://t.me/cvedetector/24525", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-4301 - iSourcecode Content Management System SQL Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-4301 \nPublished : May 6, 2025, 1:15 a.m. | 26\u00a0minutes ago \nDescription : A vulnerability classified as critical was found in itsourcecode Content Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /search-notice.php. The manipulation of the argument searchdata leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. \nSeverity: 7.3 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"06 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-06T04:26:10.000000Z"}, {"uuid": "04ac2bab-8a43-4c51-9430-9d36f31345cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43016", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lnnq75y7n52v", "content": "", "creation_timestamp": "2025-04-25T17:19:45.621993Z"}, {"uuid": "22811505-314e-463d-95d4-e7b6bb72f2c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43019", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ltht6jjsrg2b", "content": "", "creation_timestamp": "2025-07-08T17:28:14.379462Z"}, {"uuid": "f2f5e3e2-e3f4-4630-a8dc-722561ab6200", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43010", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114497943894558300", "content": "", "creation_timestamp": "2025-05-13T01:32:54.916515Z"}, {"uuid": "ea31755b-099d-4e85-852c-e2173727a0fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43011", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114497943894558300", "content": "", "creation_timestamp": "2025-05-13T01:32:55.004657Z"}, {"uuid": "ef427588-bb15-44fe-9d7c-8141ba2b0b55", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43011", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lozjabrnfd2h", "content": "", "creation_timestamp": "2025-05-13T03:12:17.178345Z"}, {"uuid": "cf0d2a03-f88c-4179-892b-32163ab21497", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43010", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lozjac4baw2l", "content": "", "creation_timestamp": "2025-05-13T03:12:18.958729Z"}, {"uuid": "27423fb4-9e62-426a-bcbc-defeab155857", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43015", "type": "seen", "source": "MISP/abd2a650-703d-4a2f-9f73-3051c1672e27", "content": "", "creation_timestamp": "2025-08-09T13:26:57.000000Z"}, {"uuid": "f53f2fc4-1019-40eb-8fb5-1a6a606cd11e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43010", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/16128", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-43010\n\ud83d\udd25 CVSS Score: 8.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H)\n\ud83d\udd39 Description: SAP S/4HANA Cloud Private Edition or on Premise (SCM Master Data Layer (MDL)) allows an authenticated attacker with SAP standard authorization to execute a certain function module remotely and replace arbitrary ABAP programs, including SAP standard programs. This is due to lack of input validation and no authorization checks. This has low Confidentiality impact but high impact on integrity and availability to the application.\n\ud83d\udccf Published: 2025-05-13T00:19:51.184Z\n\ud83d\udccf Modified: 2025-05-13T14:11:28.429Z\n\ud83d\udd17 References:\n1. https://me.sap.com/notes/3600859\n2. https://url.sap/sapsecuritypatchday", "creation_timestamp": "2025-05-13T14:30:48.000000Z"}, {"uuid": "dcf7c472-e7f9-46e8-9345-7ef0e37d37df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43013", "type": "seen", "source": "https://t.me/cvedetector/23257", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-43013 - JetBrains Toolbox App SSH Authentication Unencrypted Credential Transmission Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-43013 \nPublished : April 17, 2025, 4:15 p.m. | 2\u00a0hours, 6\u00a0minutes ago \nDescription : In JetBrains Toolbox App before 2.6 unencrypted credential transmission during SSH authentication was possible \nSeverity: 6.9 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"17 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-17T20:30:30.000000Z"}, {"uuid": "017d6cfa-6289-47ed-928f-8525c6a572a1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43012", "type": "seen", "source": "https://t.me/cvedetector/23256", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-43012 - JetBrains Toolbox App SSH Plugin Command Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-43012 \nPublished : April 17, 2025, 4:15 p.m. | 2\u00a0hours, 6\u00a0minutes ago \nDescription : In JetBrains Toolbox App before 2.6 command injection in SSH plugin was possible \nSeverity: 8.3 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"17 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-17T20:30:29.000000Z"}, {"uuid": "e7c87835-5c0f-45bb-9841-d587db45e570", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43015", "type": "seen", "source": "https://t.me/cvedetector/23253", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-43015 - JetBrains RubyMine Remote Port Overwrite\", \n  \"Content\": \"CVE ID : CVE-2025-43015 \nPublished : April 17, 2025, 4:16 p.m. | 2\u00a0hours, 6\u00a0minutes ago \nDescription : In JetBrains RubyMine before 2025.1 remote Interpreter overwrote ports to listen on all interfaces \nSeverity: 8.3 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"17 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-17T20:30:24.000000Z"}, {"uuid": "d357ca55-d07f-4200-8a4a-c0d8c0190e88", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43014", "type": "seen", "source": "https://t.me/cvedetector/23252", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-43014 - JetBrains Toolbox App SSH Plugin Unauthenticated Remote Command Execution\", \n  \"Content\": \"CVE ID : CVE-2025-43014 \nPublished : April 17, 2025, 4:16 p.m. | 2\u00a0hours, 6\u00a0minutes ago \nDescription : In JetBrains Toolbox App before 2.6 the SSH plugin established connections without sufficient user confirmation \nSeverity: 6.1 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"17 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-17T20:30:23.000000Z"}, {"uuid": "68d2f6da-f928-45bb-9785-d2ed542fa2ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43011", "type": "seen", "source": "https://t.me/cvedetector/25140", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-43011 - SAP Landscape Transformation Authorization Bypass Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-43011 \nPublished : May 13, 2025, 1:15 a.m. | 1\u00a0hour, 25\u00a0minutes ago \nDescription : Under certain conditions, SAP Landscape Transformation's PCL Basis module does not perform the necessary authorization checks, allowing authenticated users to access restricted functionalities or data. This can lead to a high impact on confidentiality with no impact on the integrity or availability of the application. \nSeverity: 7.7 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"13 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-13T05:30:12.000000Z"}, {"uuid": "72d8ce0b-aeaf-42a0-a00f-66680eae4d04", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43010", "type": "seen", "source": "https://t.me/cvedetector/25147", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-43010 - SAP S/4HANA Cloud Private Edition or on Premise ABAP Program Replacement Remote Code Execution Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-43010 \nPublished : May 13, 2025, 1:15 a.m. | 1\u00a0hour, 25\u00a0minutes ago \nDescription : SAP S/4HANA Cloud Private Edition or on Premise (SCM Master Data Layer (MDL)) allows an authenticated attacker with SAP standard authorization to execute a certain function module remotely and replace arbitrary ABAP programs, including SAP standard programs. This is due to lack of input validation and no authorization checks. This has low Confidentiality impact but high impact on integrity and availability to the application. \nSeverity: 8.3 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"13 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-13T05:30:20.000000Z"}, {"uuid": "dc0ddae4-e637-4015-bc1c-4e746f4df1bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-4301", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lohzk2wh4r2r", "content": "", "creation_timestamp": "2025-05-06T04:16:07.799120Z"}, {"uuid": "cf10fea3-b9c9-4fe8-9b68-badd11539817", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43017", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3m4c2vsf3s32o", "content": "", "creation_timestamp": "2025-10-28T23:17:17.886966Z"}, {"uuid": "80af734f-670b-4a57-b1f9-94b9a6bc9a3d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43012", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/12381", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-43012\n\ud83d\udd25 CVSS Score: 8.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H)\n\ud83d\udd39 Description: In JetBrains Toolbox App before 2.6 command injection in SSH plugin was possible\n\ud83d\udccf Published: 2025-04-17T15:56:04.085Z\n\ud83d\udccf Modified: 2025-04-18T03:55:43.812Z\n\ud83d\udd17 References:\n1. https://www.jetbrains.com/privacy-security/issues-fixed/", "creation_timestamp": "2025-04-18T03:57:48.000000Z"}, {"uuid": "c476319e-e551-4a91-8021-35f7ab053302", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-4301", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/15021", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-4301\n\ud83d\udd25 CVSS Score: 6.9 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A vulnerability classified as critical was found in itsourcecode Content Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /search-notice.php. The manipulation of the argument searchdata leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.\n\ud83d\udccf Published: 2025-05-06T00:31:04.712Z\n\ud83d\udccf Modified: 2025-05-06T00:31:04.712Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.307405\n2. https://vuldb.com/?ctiid.307405\n3. https://vuldb.com/?submit.563625\n4. https://github.com/6BXK6/cve/issues/2\n5. https://itsourcecode.com/", "creation_timestamp": "2025-05-06T01:20:37.000000Z"}, {"uuid": "8c2eb39c-ca5a-4ace-b561-f19db199d7dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43012", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114354325741566250", "content": "", "creation_timestamp": "2025-04-17T16:48:59.419930Z"}, {"uuid": "059670fc-2fb2-42f4-9b3d-68b66f0e7252", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43015", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114354325777103450", "content": "", "creation_timestamp": "2025-04-17T16:48:59.967431Z"}, {"uuid": "4cfd2a98-2592-43de-8b34-cb887406a838", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43012", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lmzq3cvzyl2b", "content": "", "creation_timestamp": "2025-04-17T18:24:23.255662Z"}, {"uuid": "ae76f40b-e17e-48f9-b8aa-2524addb7437", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43015", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lmzq3dd5gy2a", "content": "", "creation_timestamp": "2025-04-17T18:24:25.509232Z"}, {"uuid": "6211c5ec-0423-4149-bc2d-905203fc750d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43015", "type": "seen", "source": "MISP/abd2a650-703d-4a2f-9f73-3051c1672e27", "content": "", "creation_timestamp": "2025-08-11T18:47:40.000000Z"}, {"uuid": "f1f68924-6166-4504-87e5-b30b2e61038b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43015", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/12305", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-43015\n\ud83d\udd25 CVSS Score: 8.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L)\n\ud83d\udd39 Description: In JetBrains RubyMine before 2025.1 remote Interpreter overwrote ports to listen on all interfaces\n\ud83d\udccf Published: 2025-04-17T15:56:05.386Z\n\ud83d\udccf Modified: 2025-04-17T17:23:40.313Z\n\ud83d\udd17 References:\n1. https://www.jetbrains.com/privacy-security/issues-fixed/", "creation_timestamp": "2025-04-17T17:57:43.000000Z"}, {"uuid": "90cf083a-a8ee-41b2-93be-09dc8629134b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43011", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/16129", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-43011\n\ud83d\udd25 CVSS Score: 7.7 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N)\n\ud83d\udd39 Description: Under certain conditions, SAP Landscape Transformation's PCL Basis module does not perform the necessary authorization checks, allowing authenticated users to access restricted functionalities or data. This can lead to a high impact on confidentiality with no impact on the integrity or availability of the application.\n\ud83d\udccf Published: 2025-05-13T00:20:02.713Z\n\ud83d\udccf Modified: 2025-05-13T14:11:07.306Z\n\ud83d\udd17 References:\n1. https://me.sap.com/notes/3591978\n2. https://url.sap/sapsecuritypatchday", "creation_timestamp": "2025-05-13T14:30:49.000000Z"}, {"uuid": "3ac84b36-d884-4ee0-8679-f35e20c0af95", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43016", "type": "seen", "source": "https://t.me/cvedetector/23767", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-43016 - JetBrains Rider Unvalidated Archive Unpacking Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-43016 \nPublished : April 25, 2025, 3:15 p.m. | 1\u00a0hour, 44\u00a0minutes ago \nDescription : In JetBrains Rider before 2025.1.2 custom archive unpacker allowed arbitrary file overwrite during remote debug session \nSeverity: 5.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"25 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-25T19:11:12.000000Z"}]}