{"vulnerability": "cve-2025-3038", "sightings": [{"uuid": "d8cefc24-b20e-49c4-8808-6453626090e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-30389", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/14427", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-30389\n\ud83d\udd25 CVSS Score: 8.7 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N/E:P/RL:O/RC:C)\n\ud83d\udd39 Description: Improper authorization in Azure Bot Framework SDK allows an unauthorized attacker to elevate privileges over a network.\n\ud83d\udccf Published: 2025-04-30T17:14:50.414Z\n\ud83d\udccf Modified: 2025-05-02T03:55:21.274Z\n\ud83d\udd17 References:\n1. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-30389", "creation_timestamp": "2025-05-02T04:15:37.000000Z"}, {"uuid": "741b6d13-3373-4c32-af22-4f671116f581", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-3038", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/9789", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-3038\n\ud83d\udd25 CVSS Score: 5.3 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A vulnerability was found in code-projects Payroll Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /view_account.php. The manipulation of the argument salary_rate leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.\n\ud83d\udccf Published: 2025-03-31T22:31:06.673Z\n\ud83d\udccf Modified: 2025-03-31T22:31:06.673Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.302099\n2. https://vuldb.com/?ctiid.302099\n3. https://vuldb.com/?submit.524636\n4. https://github.com/nabiland/cve/blob/main/cve.md\n5. https://code-projects.org/", "creation_timestamp": "2025-03-31T23:31:23.000000Z"}, {"uuid": "99ae9dc1-d831-452a-bf26-3d94524aaca8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-3038", "type": "seen", "source": "https://t.me/cvedetector/21687", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-3038 - Code-projects Payroll Management System SQL Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-3038 \nPublished : March 31, 2025, 11:15 p.m. | 1\u00a0hour, 53\u00a0minutes ago \nDescription : A vulnerability was found in code-projects Payroll Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /view_account.php. The manipulation of the argument salary_rate leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. \nSeverity: 6.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"01 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-01T03:35:21.000000Z"}, {"uuid": "18d2be67-09c4-4c53-9a08-d1047d3d58cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-303879", "type": "seen", "source": "https://advisories.ncsc.nl/advisory?id=NCSC-2025-0156", "content": "", "creation_timestamp": "2025-05-13T17:10:10.000000Z"}, {"uuid": "303b5c84-5ad9-4af4-be4d-c0435d5cb529", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-303868", "type": "seen", "source": "https://advisories.ncsc.nl/advisory?id=NCSC-2025-0155", "content": "", "creation_timestamp": "2025-05-13T16:58:56.000000Z"}, {"uuid": "e6f49cb7-ef69-425e-bbac-54021d753be7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-303827", "type": "seen", "source": "https://advisories.ncsc.nl/advisory?id=NCSC-2025-0155", "content": "", "creation_timestamp": "2025-05-13T16:58:56.000000Z"}, {"uuid": "9f0b716c-ee79-4657-8d70-d642ecba3e51", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-303847", "type": "seen", "source": "https://advisories.ncsc.nl/advisory?id=NCSC-2025-0155", "content": "", "creation_timestamp": "2025-05-13T16:58:56.000000Z"}, {"uuid": "befa298b-0094-4f23-b5d4-d00c5587771e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-303817", "type": "seen", "source": "https://advisories.ncsc.nl/advisory?id=NCSC-2025-0155", "content": "", "creation_timestamp": "2025-05-13T16:58:56.000000Z"}, {"uuid": "fbd7acfc-5501-4bdf-86b6-444a020fe0cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-303837", "type": "seen", "source": "https://advisories.ncsc.nl/advisory?id=NCSC-2025-0155", "content": "", "creation_timestamp": "2025-05-13T16:58:56.000000Z"}, {"uuid": "0902615d-fc80-4327-93b0-8b04cf9b7d4a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-303887", "type": "seen", "source": "https://advisories.ncsc.nl/advisory?id=NCSC-2025-0155", "content": "", "creation_timestamp": "2025-05-13T16:58:56.000000Z"}, {"uuid": "f7bb07b9-c7a7-4c36-a347-c4f566037b97", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-30386", "type": "seen", "source": "https://www.thezdi.com/blog/2025/5/13/the-may-2025-security-update-review", "content": "", "creation_timestamp": "2025-05-13T16:27:02.000000Z"}, {"uuid": "f465e167-624b-4d56-a23f-505be2ea29ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-30384", "type": "seen", "source": "https://www.thezdi.com/blog/2025/5/13/the-may-2025-security-update-review", "content": "", "creation_timestamp": "2025-05-13T16:27:02.000000Z"}, {"uuid": "6d81b684-b5df-401c-b5ca-d01b26bdd576", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-30387", "type": "seen", "source": "https://www.thezdi.com/blog/2025/5/13/the-may-2025-security-update-review", "content": "", "creation_timestamp": "2025-05-13T16:27:02.000000Z"}, {"uuid": "c5f80b1d-5950-4828-82ae-d3376e714700", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-30381", "type": "seen", "source": "https://www.thezdi.com/blog/2025/5/13/the-may-2025-security-update-review", "content": "", "creation_timestamp": "2025-05-13T16:27:02.000000Z"}, {"uuid": "150e05a8-29cb-4e6a-9dcd-9d903dc29a27", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-30383", "type": "seen", "source": "https://www.thezdi.com/blog/2025/5/13/the-may-2025-security-update-review", "content": "", "creation_timestamp": "2025-05-13T16:27:02.000000Z"}, {"uuid": "8c29cc72-abf9-47a5-ba44-72433525cc97", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-30382", "type": "seen", "source": "https://www.thezdi.com/blog/2025/5/13/the-may-2025-security-update-review", "content": "", "creation_timestamp": "2025-05-13T16:27:02.000000Z"}, {"uuid": "d7eeddb9-1b94-4f30-8b6e-f41635d177c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-30385", "type": "seen", "source": "https://www.thezdi.com/blog/2025/5/13/the-may-2025-security-update-review", "content": "", "creation_timestamp": "2025-05-13T16:27:02.000000Z"}, {"uuid": "70e0e61b-4df2-451d-a7c5-f530359d12e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-30388", "type": "seen", "source": "https://www.thezdi.com/blog/2025/5/13/the-may-2025-security-update-review", "content": "", "creation_timestamp": "2025-05-13T16:27:02.000000Z"}, {"uuid": "29d753db-d042-47d4-9332-4025d685e198", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-30386", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lp5we6qa522u", "content": "", "creation_timestamp": "2025-05-14T21:17:50.384309Z"}, {"uuid": "f0605273-f6ba-401d-a213-fa3729649663", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-30388", "type": "seen", "source": "https://gist.github.com/Darkcrai86/cf9e1ffe389625a29a6abf7f1e885e43", "content": "", "creation_timestamp": "2025-11-03T08:27:34.000000Z"}, {"uuid": "30ae533b-6ef3-493a-b0b0-46e38b062a4f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-30387", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/16234", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-30387\n\ud83d\udd25 CVSS Score: 9.8 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)\n\ud83d\udd39 Description: Improper limitation of a pathname to a restricted directory ('path traversal') in Azure allows an unauthorized attacker to elevate privileges over a network.\n\ud83d\udccf Published: 2025-05-13T16:58:46.604Z\n\ud83d\udccf Modified: 2025-05-13T20:13:41.235Z\n\ud83d\udd17 References:\n1. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-30387", "creation_timestamp": "2025-05-13T20:31:17.000000Z"}, {"uuid": "407ad0d9-7923-418d-96d0-14db4597d63c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-30384", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/16232", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-30384\n\ud83d\udd25 CVSS Score: 7.4 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)\n\ud83d\udd39 Description: Deserialization of untrusted data in Microsoft Office SharePoint allows an unauthorized attacker to execute code locally.\n\ud83d\udccf Published: 2025-05-13T16:58:44.963Z\n\ud83d\udccf Modified: 2025-05-13T20:13:57.820Z\n\ud83d\udd17 References:\n1. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-30384", "creation_timestamp": "2025-05-13T20:31:12.000000Z"}, {"uuid": "b8acf0c8-b11f-48a0-9f2e-9809d6a822da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-30386", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/16233", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-30386\n\ud83d\udd25 CVSS Score: 8.4 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)\n\ud83d\udd39 Description: Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.\n\ud83d\udccf Published: 2025-05-13T16:58:45.977Z\n\ud83d\udccf Modified: 2025-05-13T20:13:49.720Z\n\ud83d\udd17 References:\n1. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-30386", "creation_timestamp": "2025-05-13T20:31:16.000000Z"}, {"uuid": "2518cd56-b654-46e9-ad54-a937c87b5fd9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-30385", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/16267", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-30385\n\ud83d\udd25 CVSS Score: 7.8 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)\n\ud83d\udd39 Description: Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.\n\ud83d\udccf Published: 2025-05-13T16:59:09.691Z\n\ud83d\udccf Modified: 2025-05-13T21:40:35.411Z\n\ud83d\udd17 References:\n1. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-30385", "creation_timestamp": "2025-05-13T22:30:58.000000Z"}, {"uuid": "d8d1fbfd-64a2-41ab-8265-270fb6eacdeb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-30383", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/16287", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-30383\n\ud83d\udd25 CVSS Score: 7.8 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)\n\ud83d\udd39 Description: Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute code locally.\n\ud83d\udccf Published: 2025-05-13T16:58:44.101Z\n\ud83d\udccf Modified: 2025-05-14T04:00:45.710Z\n\ud83d\udd17 References:\n1. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-30383", "creation_timestamp": "2025-05-14T04:32:00.000000Z"}, {"uuid": "cea439dd-c51d-4326-9b45-e01ed14462c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-30389", "type": "seen", "source": "https://t.me/cvedetector/24149", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-30389 - Azure Bot Framework SDK Authorization Bypass Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-30389 \nPublished : April 30, 2025, 6:15 p.m. | 1\u00a0hour, 37\u00a0minutes ago \nDescription : Improper authorization in Azure Bot Framework SDK allows an unauthorized attacker to elevate privileges over a network. \nSeverity: 8.7 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"30 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-30T22:06:20.000000Z"}, {"uuid": "fd0fa407-d6db-4a8c-a604-fff4e2160bc7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-30389", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114428064949898924", "content": "", "creation_timestamp": "2025-04-30T17:21:46.727478Z"}, {"uuid": "47dfbe8d-5ad7-43bf-bae1-1e5c3d3fa78e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-30389", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114428641997339689", "content": "", "creation_timestamp": "2025-04-30T19:48:33.158879Z"}, {"uuid": "9c632236-4e95-4eb6-bdb6-5de254263358", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-30389", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lo2n7e7pq22p", "content": "", "creation_timestamp": "2025-04-30T20:30:45.174714Z"}, {"uuid": "cb4d3c67-1c00-455b-82a3-8be2d496eb4b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-30388", "type": "seen", "source": "https://bsky.app/profile/thedailytechfeed.com/post/3m4t42gswl62t", "content": "", "creation_timestamp": "2025-11-04T17:53:03.177227Z"}, {"uuid": "d4b4420a-7b90-471b-b399-bf48b71a6b10", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-30388", "type": "seen", "source": "https://bsky.app/profile/pigondrugs.bsky.social/post/3m4nyavvvtu2u", "content": "", "creation_timestamp": "2025-11-02T17:01:46.493788Z"}, {"uuid": "94bf8402-f425-43a8-81b3-61ca1bd4695f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-30388", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/16266", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-30388\n\ud83d\udd25 CVSS Score: 7.8 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)\n\ud83d\udd39 Description: Heap-based buffer overflow in Windows Win32K - GRFX allows an unauthorized attacker to execute code locally.\n\ud83d\udccf Published: 2025-05-13T16:59:10.344Z\n\ud83d\udccf Modified: 2025-05-13T21:40:36.120Z\n\ud83d\udd17 References:\n1. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-30388", "creation_timestamp": "2025-05-13T22:30:57.000000Z"}]}