{"vulnerability": "CVE-2025-4488", "sightings": [{"uuid": "395fba63-c2b8-4636-aeb5-635f84769aca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-4488", "type": "seen", "source": "https://t.me/cvedetector/24985", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-4488 - iSourcecode Gym Management System SQL Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-4488 \nPublished : May 9, 2025, 8:15 p.m. | 2\u00a0hours, 4\u00a0minutes ago \nDescription : A vulnerability was found in itsourcecode Gym Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /ajax.php?action=delete_package. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. \nSeverity: 7.3 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"10 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-10T00:34:28.000000Z"}, {"uuid": "1e9d86a5-bf90-4fdf-b16d-0662f970d353", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-44880", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lpn7mpgcpp2w", "content": "", "creation_timestamp": "2025-05-20T23:13:28.099340Z"}, {"uuid": "ebe83f20-d28d-42a3-8425-ed3a9fb396c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-44887", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lpn7mpmspx2w", "content": "", "creation_timestamp": "2025-05-20T23:13:29.305352Z"}, {"uuid": "84fb8832-5556-47d4-b73b-82f395b77009", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-4488", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lori7cv7q32w", "content": "", "creation_timestamp": "2025-05-09T22:32:34.574786Z"}, {"uuid": "4fa868bc-accd-4ccf-85ba-26d71c056361", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-44881", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lpotlaoyvu2l", "content": "", "creation_timestamp": "2025-05-21T14:43:13.027599Z"}, {"uuid": "65276d2b-a2b2-421e-94af-04ba680ce306", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-44885", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lpotlay3q22h", "content": "", "creation_timestamp": "2025-05-21T14:43:13.663114Z"}, {"uuid": "e9704023-f78d-43a6-8f34-18ed8e5084a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-44884", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lpotlb35di2h", "content": "", "creation_timestamp": "2025-05-21T14:43:14.311111Z"}, {"uuid": "58cf07f4-7e06-456f-8fc6-bfed515b72a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-44886", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lpotlb6kpi2h", "content": "", "creation_timestamp": "2025-05-21T14:43:14.933563Z"}, {"uuid": "c4e8fdc8-f71a-42d8-99ca-746cdbe57281", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-44880", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/17089", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-44880\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A command injection vulnerability in the component /cgi-bin/adm.cgi of Wavlink WL-WN579A3 v1.0 allows attackers to execute arbitrary commands via a crafted input.\n\ud83d\udccf Published: 2025-05-20T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-20T20:16:41.668Z\n\ud83d\udd17 References:\n1. https://lafdrew.github.io/2025/03/27/Remote-Command-Execution-in-adm-cgi-of-wavlink-WL-WN579A3-Device/", "creation_timestamp": "2025-05-20T20:41:22.000000Z"}, {"uuid": "fc630f8b-2b64-4557-8040-97c17f973aa9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-4488", "type": "published-proof-of-concept", "source": "Telegram/HfdZK7IaNw2IgiSWMbJAgdBOWQpganIA_skYVFqg6YQ3yyg", "content": "", "creation_timestamp": "2025-05-09T23:31:22.000000Z"}, {"uuid": "6e7e195d-bfb9-42dd-8040-5dfe38798b43", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-44883", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lpn7mptitl2p", "content": "", "creation_timestamp": "2025-05-20T23:13:30.492799Z"}, {"uuid": "ae57cfb1-186a-428e-ac9d-985c821f9c1a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-44882", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lpn7mqhrbl2p", "content": "", "creation_timestamp": "2025-05-20T23:13:33.777083Z"}, {"uuid": "bf3f5c83-e4d7-464b-ae4a-40fc79b9831a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-44888", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lpn7mpwsoq2j", "content": "", "creation_timestamp": "2025-05-20T23:13:31.072372Z"}, {"uuid": "b172af95-6a62-4ba1-9365-801f9f607cc7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-4488", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/15846", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-4488\n\ud83d\udd25 CVSS Score: 6.9 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A vulnerability was found in itsourcecode Gym Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /ajax.php?action=delete_package. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.\n\ud83d\udccf Published: 2025-05-09T20:00:09.660Z\n\ud83d\udccf Modified: 2025-05-09T20:00:09.660Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.308203\n2. https://vuldb.com/?ctiid.308203\n3. https://vuldb.com/?submit.566783\n4. https://github.com/wyl091256/CVE/issues/8\n5. https://itsourcecode.com/", "creation_timestamp": "2025-05-09T20:26:23.000000Z"}, {"uuid": "40af68ff-bfe5-454d-8111-c529bcb9f78c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-4488", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lorber5ptfi2", "content": "", "creation_timestamp": "2025-05-09T22:06:54.888417Z"}]}