{"vulnerability": "CVE-2025-4765", "sightings": [{"uuid": "a0ce4a00-66b3-4371-97d1-a75b9aaba3ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-4765", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/16668", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-4765\n\ud83d\udd25 CVSS Score: 6.9 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A vulnerability was found in PHPGurukul Zoo Management System 2.1. It has been classified as critical. Affected is an unknown function of the file /admin/contactus.php. The manipulation of the argument mobnum leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.\n\ud83d\udccf Published: 2025-05-16T08:31:06.442Z\n\ud83d\udccf Modified: 2025-05-16T08:31:06.442Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.309066\n2. https://vuldb.com/?ctiid.309066\n3. https://vuldb.com/?submit.571345\n4. https://github.com/bleakTS/myCVE/issues/9\n5. https://phpgurukul.com/", "creation_timestamp": "2025-05-16T09:34:52.000000Z"}, {"uuid": "5beaa119-0cd0-462d-a724-c58242037784", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-47658", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/17453", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-47658\n\ud83d\udd25 CVSS Score: 9.9 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H)\n\ud83d\udd39 Description: Unrestricted Upload of File with Dangerous Type vulnerability in ELEXtensions ELEX WordPress HelpDesk & Customer Ticketing System allows Upload a Web Shell to a Web Server. This issue affects ELEX WordPress HelpDesk & Customer Ticketing System: from n/a through 3.2.7.\n\ud83d\udccf Published: 2025-05-23T12:43:23.046Z\n\ud83d\udccf Modified: 2025-05-23T18:59:06.107Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/elex-helpdesk-customer-support-ticket-system/vulnerability/wordpress-elex-wordpress-helpdesk-customer-ticketing-system-3-2-7-arbitrary-file-upload-vulnerability?_s_id=cve", "creation_timestamp": "2025-05-23T19:44:38.000000Z"}, {"uuid": "ccfe9312-e7fd-4daa-a02e-ddca75f8e065", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-47651", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/17725", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-47651\n\ud83d\udd25 CVSS Score: 8.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L)\n\ud83d\udd39 Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Infility Infility Global allows SQL Injection. This issue affects Infility Global: from n/a through 2.12.4.\n\ud83d\udccf Published: 2025-06-09T15:54:07.167Z\n\ud83d\udccf Modified: 2025-06-09T17:23:32.093Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/infility-global/vulnerability/wordpress-infility-global-2-11-2-sql-injection-vulnerability?_s_id=cve", "creation_timestamp": "2025-06-09T18:11:09.000000Z"}, {"uuid": "76fd7826-adeb-4dd6-9d47-04fb30347eca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-4765", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lpc3ny324y2r", "content": "", "creation_timestamp": "2025-05-16T13:03:20.630694Z"}, {"uuid": "9336347c-24bd-4a85-a552-b5f5fe44698b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-47657", "type": "seen", "source": "https://t.me/cvedetector/24733", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-47657 - Productive Minds Productive Commerce SQL Injection\", \n  \"Content\": \"CVE ID : CVE-2025-47657 \nPublished : May 7, 2025, 3:16 p.m. | 1\u00a0hour, 24\u00a0minutes ago \nDescription : Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Productive Minds Productive Commerce allows SQL Injection. This issue affects Productive Commerce: from n/a through 1.1.22. \nSeverity: 9.3 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-07T19:01:01.000000Z"}, {"uuid": "b45c7dd4-3949-474e-b7c0-ae6435da0058", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-47656", "type": "seen", "source": "https://t.me/cvedetector/24734", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-47656 - Spiraclethemes Site Library Cross-site Scripting (XSS)\", \n  \"Content\": \"CVE ID : CVE-2025-47656 \nPublished : May 7, 2025, 3:16 p.m. | 1\u00a0hour, 24\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in spiraclethemes Spiraclethemes Site Library allows Stored XSS. This issue affects Spiraclethemes Site Library: from n/a through 1.4.0. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-07T19:01:02.000000Z"}, {"uuid": "980f5e2f-ce80-4da8-805d-ecc6b677eb7f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-47657", "type": "seen", "source": "https://bsky.app/profile/redteamnews.bsky.social/post/3lomcrzrvsn2h", "content": "", "creation_timestamp": "2025-05-07T21:12:15.897408Z"}, {"uuid": "f8ea117c-ddf9-498c-b1c7-5c6f57ea4f5a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-47658", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lptvlqpqdp2q", "content": "", "creation_timestamp": "2025-05-23T15:02:36.287072Z"}]}