{"vulnerability": "cve-2025-2374", "sightings": [{"uuid": "8d4eb25d-c4bf-4d3a-ada1-8aad1de0c353", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23745", "type": "seen", "source": "https://t.me/cvedetector/15622", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-23745 - Tussendoor Call me Now CSRF Stored XSS\", \n  \"Content\": \"CVE ID : CVE-2025-23745 \nPublished : Jan. 16, 2025, 8:15 p.m. | 36\u00a0minutes ago \nDescription : Cross-Site Request Forgery (CSRF) vulnerability in Tussendoor internet & marketing Call me Now allows Stored XSS.This issue affects Call me Now: from n/a through 1.0.5. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"16 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-16T22:05:36.000000Z"}, {"uuid": "efbc5518-8a16-43c4-ae59-89da5fe4ed4b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23743", "type": "seen", "source": "https://t.me/cvedetector/15621", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-23743 - Martijn Scheybeler Social Analytics Stored CSRF XSS\", \n  \"Content\": \"CVE ID : CVE-2025-23743 \nPublished : Jan. 16, 2025, 8:15 p.m. | 36\u00a0minutes ago \nDescription : Cross-Site Request Forgery (CSRF) vulnerability in Martijn Scheybeler Social Analytics allows Stored XSS.This issue affects Social Analytics: from n/a through 0.2. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"16 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-16T22:05:35.000000Z"}, {"uuid": "418d1cfc-34d4-464f-8242-3adc19b45d4c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2374", "type": "seen", "source": "https://t.me/cvedetector/20447", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-2374 - PHPGurukul Human Metapneumovirus Testing Management System SQL Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-2374 \nPublished : March 17, 2025, 11:15 a.m. | 23\u00a0minutes ago \nDescription : A vulnerability, which was classified as critical, has been found in PHPGurukul Human Metapneumovirus Testing Management System 1.0. This issue affects some unknown processing of the file /profile.php. The manipulation of the argument aid/adminname/mobilenumber/email leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. \nSeverity: 6.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"17 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-17T13:16:58.000000Z"}, {"uuid": "82501c54-2c14-437f-bb37-939e5b2d5f4e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23744", "type": "seen", "source": "https://t.me/cvedetector/20392", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-23744 - DVS11 Cross-Site Scripting (XSS)\", \n  \"Content\": \"CVE ID : CVE-2025-23744 \nPublished : March 15, 2025, 10:15 p.m. | 2\u00a0hours, 14\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in dvs11 Random Posts, Mp3 Player + ShareButton allows Reflected XSS. This issue affects Random Posts, Mp3 Player + ShareButton: from n/a through 1.4.1. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"16 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-16T02:09:50.000000Z"}, {"uuid": "fa1cf2ca-5f78-4eb8-9be9-a07d1e5189a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23746", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgdo6jdvvo2r", "content": "", "creation_timestamp": "2025-01-22T15:20:35.317339Z"}, {"uuid": "e73d2aa1-a5ca-4567-8c31-4b736674160f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23747", "type": "seen", "source": "MISP/f7787455-9994-4047-b6f7-77347597c104", "content": "", "creation_timestamp": "2025-08-26T18:36:19.000000Z"}, {"uuid": "286acfaf-fa03-418d-8fab-6300ce501a4c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23740", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/6415", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-23740\n\ud83d\udd25 CVSS Score: 7.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L)\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Easy School Registration allows Reflected XSS. This issue affects Easy School Registration: from n/a through 3.9.8.\n\ud83d\udccf Published: 2025-03-03T13:30:17.923Z\n\ud83d\udccf Modified: 2025-03-04T20:15:32.277Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/easy-school-registration/vulnerability/wordpress-easy-school-registration-plugin-3-9-8-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-03-04T20:31:52.000000Z"}, {"uuid": "405b2288-3946-44e5-af57-334eb24261c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23741", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/6416", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-23741\n\ud83d\udd25 CVSS Score: 7.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L)\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Notifications Center allows Reflected XSS. This issue affects Notifications Center: from n/a through 1.5.2.\n\ud83d\udccf Published: 2025-03-03T13:30:18.189Z\n\ud83d\udccf Modified: 2025-03-04T20:14:36.820Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/notifications-center/vulnerability/wordpress-notifications-center-plugin-1-5-2-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-03-04T20:31:53.000000Z"}, {"uuid": "2d6349ed-709f-45be-8ea9-81682c7f18ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23747", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhbtmbnjsn2f", "content": "", "creation_timestamp": "2025-02-03T15:17:37.871558Z"}, {"uuid": "717ce215-ba5a-4b47-87e9-8c0faf45c048", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23742", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3li5byzs54c2s", "content": "", "creation_timestamp": "2025-02-14T13:17:11.490966Z"}, {"uuid": "95184e6c-c957-4b1c-92b2-5b15fa09c315", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23748", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3li5bz4l7i22h", "content": "", "creation_timestamp": "2025-02-14T13:17:13.978227Z"}, {"uuid": "0be6604f-365e-4af4-a4a8-87eeaea72870", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23742", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/114002691811095242", "content": "", "creation_timestamp": "2025-02-14T14:23:47.455666Z"}, {"uuid": "60a84e11-e8a8-4420-943b-df9285427854", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23748", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/114002691828525768", "content": "", "creation_timestamp": "2025-02-14T14:23:47.594919Z"}, {"uuid": "4ffc14fe-f6bc-48ee-a80d-8c7e721899c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2374", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/7759", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-2374\n\ud83d\udd25 CVSS Score: 5.3 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A vulnerability, which was classified as critical, has been found in PHPGurukul Human Metapneumovirus Testing Management System 1.0. This issue affects some unknown processing of the file /profile.php. The manipulation of the argument aid/adminname/mobilenumber/email leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.\n\ud83d\udccf Published: 2025-03-17T11:00:18.566Z\n\ud83d\udccf Modified: 2025-03-17T12:06:05.126Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.299873\n2. https://vuldb.com/?ctiid.299873\n3. https://vuldb.com/?submit.515429\n4. https://github.com/SECWG/cve/issues/7\n5. https://phpgurukul.com/", "creation_timestamp": "2025-03-17T12:47:36.000000Z"}, {"uuid": "037a33d8-8046-430a-8709-2b6a8081e989", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23749", "type": "seen", "source": "https://t.me/cvedetector/15623", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-23749 - MyBB CSRF Stored XSS\", \n  \"Content\": \"CVE ID : CVE-2025-23749 \nPublished : Jan. 16, 2025, 8:15 p.m. | 36\u00a0minutes ago \nDescription : Cross-Site Request Forgery (CSRF) vulnerability in Mahdi Khaksar mybb Last Topics allows Stored XSS.This issue affects mybb Last Topics: from n/a through 1.0. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"16 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-16T22:05:37.000000Z"}, {"uuid": "94fb80e9-d87c-4c59-b0c1-08e95456192c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23743", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfv44ddy272e", "content": "", "creation_timestamp": "2025-01-16T20:19:58.166098Z"}, {"uuid": "eac874e8-5ac2-47da-8e8a-307e5b43500c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23745", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfv44fu5ma2t", "content": "", "creation_timestamp": "2025-01-16T20:20:00.848841Z"}, {"uuid": "6b8eb675-b146-4577-a95a-04828b517d0c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23749", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfv44ji35i2t", "content": "", "creation_timestamp": "2025-01-16T20:20:05.038388Z"}, {"uuid": "2e0dcb37-ab1a-447d-bab9-290aa739b884", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23743", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113841078614176637", "content": "", "creation_timestamp": "2025-01-17T01:23:25.821595Z"}, {"uuid": "c0af04df-bf82-46f4-8ddb-cd7e7955f9a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23745", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113841078629084775", "content": "", "creation_timestamp": "2025-01-17T01:23:26.213579Z"}, {"uuid": "877f12a0-6c1f-4b78-85b5-23fa755297b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23749", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113841078643256997", "content": "", "creation_timestamp": "2025-01-17T01:23:26.757020Z"}, {"uuid": "18ef89a8-f3ce-45a7-84ca-7c758c390883", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23747", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113940885558837177", "content": "", "creation_timestamp": "2025-02-03T16:25:39.059790Z"}, {"uuid": "f42a8939-265c-436e-98b2-033802557b52", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2374", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lklcf4ihxb24", "content": "", "creation_timestamp": "2025-03-17T13:51:39.981706Z"}]}