{"vulnerability": "cve-2019-25137", "sightings": [{"uuid": "14fb8414-47d2-491c-984b-6f278b907a38", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-25137", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/2581", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2019-25137\n\ud83d\udd39 Description: Umbraco CMS 4.11.8 through 7.15.10, and 7.12.4, allows Remote Code Execution by authenticated administrators via msxsl:script in an xsltSelection to developer/Xslt/xsltVisualize.aspx.\n\ud83d\udccf Published: 2023-05-18T00:00:00\n\ud83d\udccf Modified: 2025-01-22T16:43:41.293Z\n\ud83d\udd17 References:\n1. https://www.exploit-db.com/exploits/46153\n2. https://github.com/noraj/Umbraco-RCE\n3. https://0xdf.gitlab.io/2020/09/05/htb-remote.html\n4. https://github.com/Ickarah/CVE-2019-25137-Version-Research", "creation_timestamp": "2025-01-22T17:01:53.000000Z"}, {"uuid": "e4a8f111-4142-4bfd-83b2-49dd10d34aeb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-25137", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/37879", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aCVE-2019-25137 is an Umbraco RCE vulnerability, the script within this repo is slightly altered\nURL\uff1ahttps://github.com/dact91/CVE-2019-25137-RCE\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2025-05-23T19:51:37.000000Z"}]}