{"vulnerability": "cve-2025-2701", "sightings": [{"uuid": "a7290c39-479a-4f48-8199-eb94d240fcb8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27018", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lkpysbitl52j", "content": "", "creation_timestamp": "2025-03-19T10:43:20.919375Z"}, {"uuid": "9983fad6-b420-4e1b-8fd1-fe684cad99ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27012", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114048796418707363", "content": "", "creation_timestamp": "2025-02-22T17:48:48.197490Z"}, {"uuid": "a3078f60-7c51-46d6-ac87-ef68a7d6234e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27012", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lis24pf52u2q", "content": "", "creation_timestamp": "2025-02-22T19:21:59.456483Z"}, {"uuid": "89ab4c1e-1c2a-4ad8-92dd-a73b8f852a67", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27012", "type": "seen", "source": "https://t.me/cvedetector/18724", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-27012 - A1POST.BG Shipping for Woo CSRF Privilege Escalation\", \n  \"Content\": \"CVE ID : CVE-2025-27012 \nPublished : Feb. 22, 2025, 4:15 p.m. | 1\u00a0hour, 16\u00a0minutes ago \nDescription : Cross-Site Request Forgery (CSRF) vulnerability in a1post A1POST.BG Shipping for Woo allows Privilege Escalation. This issue affects A1POST.BG Shipping for Woo: from n/a through 1.5.1. \nSeverity: 8.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"22 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-22T19:10:10.000000Z"}, {"uuid": "baf03eaf-8352-4d5f-b4d2-814bcecd9104", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27013", "type": "seen", "source": "https://t.me/cvedetector/18373", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-27013 - EPC MediCenter Missing Authorization Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-27013 \nPublished : Feb. 18, 2025, 8:15 p.m. | 1\u00a0hour, 47\u00a0minutes ago \nDescription : Missing Authorization vulnerability in EPC MediCenter - Health Medical Clinic WordPress Theme allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects MediCenter - Health Medical Clinic WordPress Theme: from n/a through n/a. \nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-18T23:30:35.000000Z"}, {"uuid": "afc7d730-9158-41d3-b142-6d0dd2c6e069", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27012", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/5038", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-27012\n\ud83d\udd25 CVSS Score: 8.8 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: Cross-Site Request Forgery (CSRF) vulnerability in a1post A1POST.BG Shipping for Woo allows Privilege Escalation. This issue affects A1POST.BG Shipping for Woo: from n/a through 1.5.1.\n\ud83d\udccf Published: 2025-02-22T15:52:12.071Z\n\ud83d\udccf Modified: 2025-02-22T15:52:12.071Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/a1post-bg-shipping-for-woocommerce/vulnerability/wordpress-a1post-bg-shipping-for-woo-plugin-1-5-1-csrf-to-privilege-escalation-vulnerability?_s_id=cve", "creation_timestamp": "2025-02-22T16:25:09.000000Z"}, {"uuid": "a94b1762-bb5c-42d0-bace-ee37f1f43fe2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27010", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/16924", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-27010\n\ud83d\udd25 CVSS Score: 8.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: Path Traversal: '.../...//' vulnerability in bslthemes Tastyc allows PHP Local File Inclusion.This issue affects Tastyc: from n/a before 2.5.2.\n\ud83d\udccf Published: 2025-05-19T18:08:53.393Z\n\ud83d\udccf Modified: 2025-05-19T19:01:15.335Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/theme/tastyc/vulnerability/wordpress-tastyc-2-5-2-local-file-inclusion-vulnerability?_s_id=cve", "creation_timestamp": "2025-05-19T19:39:20.000000Z"}, {"uuid": "39a4c153-b399-46e0-b8dc-6b7f4a745cc6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2701", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ll4rdh3pp42x", "content": "", "creation_timestamp": "2025-03-24T12:34:23.972756Z"}, {"uuid": "dc92abaa-b491-43bf-bb15-4f78b2f18f05", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27013", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lii3cum7ty23", "content": "", "creation_timestamp": "2025-02-18T20:16:42.253908Z"}, {"uuid": "78cf9cb6-0514-46a7-bfee-10f03616d14f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27016", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lii3cwup6q23", "content": "", "creation_timestamp": "2025-02-18T20:16:44.665675Z"}, {"uuid": "8496ae34-02d9-4491-83ce-cacf3bdabb06", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27017", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3lk4fi23itd2k", "content": "", "creation_timestamp": "2025-03-11T15:36:59.845273Z"}, {"uuid": "48ccd8f6-cd1d-4116-93b0-ac3659398dbd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27018", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3lkqoxblgwc2k", "content": "", "creation_timestamp": "2025-03-19T17:19:49.577149Z"}, {"uuid": "7e04eac5-b028-4c94-9bcd-a230effa90bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27018", "type": "seen", "source": "MISP/02fb130c-7874-4693-9b66-81ed91a2e996", "content": "", "creation_timestamp": "2025-08-12T13:33:28.000000Z"}, {"uuid": "8b185bdc-438c-4c7b-b6ac-6b60ebb10d0e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27018", "type": "seen", "source": "MISP/02fb130c-7874-4693-9b66-81ed91a2e996", "content": "", "creation_timestamp": "2025-08-21T03:19:27.000000Z"}, {"uuid": "8cb3b827-6e42-473e-a83f-91adcce0b5a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27019", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3m7husodd2t2j", "content": "", "creation_timestamp": "2025-12-08T10:59:43.862009Z"}, {"uuid": "0b472127-61bb-4e1d-8269-e7fae48ea0f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27019", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/115684281889620141", "content": "", "creation_timestamp": "2025-12-08T13:54:16.168951Z"}, {"uuid": "11b8b4d4-2b86-407b-b912-2941a4213896", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27019", "type": "seen", "source": "https://bsky.app/profile/cyber-news-fi.bsky.social/post/3m7jngzwk3v2f", "content": "", "creation_timestamp": "2025-12-09T03:53:17.390077Z"}, {"uuid": "688849cc-843a-4d37-b370-4b360cf1f20e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27017", "type": "seen", "source": "https://t.me/cvedetector/20146", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-27017 - Apache NiFi MongoDB Authentication Credential Exposure\", \n  \"Content\": \"CVE ID : CVE-2025-27017 \nPublished : March 12, 2025, 5:15 p.m. | 1\u00a0hour, 58\u00a0minutes ago \nDescription : Apache NiFi 1.13.0 through 2.2.0 includes the username and password used to authenticate with MongoDB in the NiFi provenance events that MongoDB components generate during processing. An authorized user with read access to the provenance events of those processors may see the credentials information. Upgrading to Apache NiFi 2.3.0 is the recommended mitigation, which removes the credentials from provenance event records. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"12 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-12T20:22:55.000000Z"}, {"uuid": "8a193897-9c81-4af3-928f-df058dcbe103", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27018", "type": "seen", "source": "https://t.me/cvedetector/20631", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-27018 - Apache Airflow MySQL Provider SQL Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-27018 \nPublished : March 19, 2025, 9:15 a.m. | 1\u00a0hour, 51\u00a0minutes ago \nDescription : Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Apache Airflow MySQL Provider.  \n  \nWhen user triggered a DAG with dump_sql or load_sql functions they could pass a table parameter from a UI, that could cause SQL injection by running SQL that was not intended.  \nIt could lead to data corruption, modification and others.  \nThis issue affects Apache Airflow MySQL Provider: before 6.2.0.  \n  \nUsers are recommended to upgrade to version 6.2.0, which fixes the issue. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-19T12:08:28.000000Z"}, {"uuid": "57f5c3c9-903b-4585-a57e-e5dcb3843455", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27017", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lkfkqbwagk23", "content": "", "creation_timestamp": "2025-03-15T07:05:04.324143Z"}, {"uuid": "063baaec-f5cd-4b3d-aeab-6c645c82bfbd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27018", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114189028558161115", "content": "", "creation_timestamp": "2025-03-19T12:11:40.766967Z"}, {"uuid": "e6f67679-bbf2-4ceb-b667-4af9a97116f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27016", "type": "seen", "source": "https://t.me/cvedetector/18370", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-27016 - Google Drive Plugin Cross-site Scripting (XSS)\", \n  \"Content\": \"CVE ID : CVE-2025-27016 \nPublished : Feb. 18, 2025, 8:15 p.m. | 1\u00a0hour, 47\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in awsm.in Drivr Lite \u2013 Google Drive Plugin allows Stored XSS. This issue affects Drivr Lite \u2013 Google Drive Plugin: from n/a through 1.0.1. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-18T23:30:30.000000Z"}, {"uuid": "899b236a-136f-4b12-bbab-5480bb8c8e2b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27017", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/7333", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-27017\n\ud83d\udd25 CVSS Score: 6.9 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/S:P/AU:Y/R:U/V:C/RE:L/U:Green)\n\ud83d\udd39 Description: Apache NiFi 1.13.0 through 2.2.0 includes the username and password used to authenticate with MongoDB in the NiFi provenance events that MongoDB components generate during processing. An authorized user with read access to the provenance events of those processors may see the credentials information. Upgrading to Apache NiFi 2.3.0 is the recommended mitigation, which removes the credentials from provenance event records.\n\ud83d\udccf Published: 2025-03-12T16:19:45.206Z\n\ud83d\udccf Modified: 2025-03-12T16:19:45.206Z\n\ud83d\udd17 References:\n1. https://lists.apache.org/thread/d4n5474jkhp82dvnht13pjtlfx7bhn5q", "creation_timestamp": "2025-03-12T16:41:12.000000Z"}, {"uuid": "d1b94933-e34d-4e6a-8139-bd0ce8fc1472", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27018", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/8037", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-27018\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Apache Airflow MySQL Provider.\n\nWhen user triggered a DAG with dump_sql or load_sql functions they could pass a table parameter from a UI, that could cause SQL injection by running SQL that was not intended.\nIt could lead to data corruption, modification and others.\nThis issue affects Apache Airflow MySQL Provider: before 6.2.0.\n\nUsers are recommended to upgrade to version 6.2.0, which fixes the issue.\n\ud83d\udccf Published: 2025-03-19T09:06:07.220Z\n\ud83d\udccf Modified: 2025-03-19T09:06:07.220Z\n\ud83d\udd17 References:\n1. https://github.com/apache/airflow/pull/47254\n2. https://github.com/apache/airflow/pull/47255\n3. https://lists.apache.org/thread/m8ohgkwz4mq9njohf66sjwqjdy28gvzf", "creation_timestamp": "2025-03-19T09:49:02.000000Z"}, {"uuid": "eefd8f7f-fca7-4b22-a2a0-f7cd99e0d199", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2701", "type": "seen", "source": "https://t.me/cvedetector/20949", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-2701 - AMTT Hotel Broadband Operation System Popen Os Command Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-2701 \nPublished : March 24, 2025, 9:15 a.m. | 1\u00a0hour, 46\u00a0minutes ago \nDescription : A vulnerability classified as critical was found in AMTT Hotel Broadband Operation System 1.0. This vulnerability affects the function popen of the file /manager/network/port_setup.php. The manipulation of the argument SwitchVersion/SwitchWrite/SwitchIP/SwitchIndex/SwitchState leads to os command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. \nSeverity: 6.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"24 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-24T12:32:50.000000Z"}]}