{"vulnerability": "cve-2025-4908", "sightings": [{"uuid": "69cc884b-2545-47fe-9b70-7ef9e503eced", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-49082", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lv7vbmowseu2", "content": "", "creation_timestamp": "2025-07-31T00:36:08.423892Z"}, {"uuid": "a1905f16-9dc9-49d9-a9ee-150ac40fab16", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-49084", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lv7vboy2pma2", "content": "", "creation_timestamp": "2025-07-31T00:36:09.019809Z"}, {"uuid": "a3a07e6a-6956-494d-8df4-90f0d10862fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-49083", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lv7vbzcsw5s2", "content": "", "creation_timestamp": "2025-07-31T00:36:09.799363Z"}, {"uuid": "95922e08-a4b8-4e11-900e-d371837a7cee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-49082", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lva76dsedh2q", "content": "", "creation_timestamp": "2025-07-31T03:31:58.835303Z"}, {"uuid": "0ea8c9e4-9b72-4a4a-9367-c4d8769bb857", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-49084", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lva7a5fewj2c", "content": "", "creation_timestamp": "2025-07-31T03:32:58.947836Z"}, {"uuid": "1b4a0719-b158-48ae-90bf-73ae46733b04", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-4908", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/16798", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-4908\n\ud83d\udd25 CVSS Score: 6.9 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A vulnerability classified as critical has been found in PHPGurukul Daily Expense Tracker System 1.1. This affects an unknown part of the file /expense-datewise-reports-detailed.php. The manipulation of the argument fromdate/todate leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.\n\ud83d\udccf Published: 2025-05-19T03:00:09.440Z\n\ud83d\udccf Modified: 2025-05-19T03:00:09.440Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.309465\n2. https://vuldb.com/?ctiid.309465\n3. https://vuldb.com/?submit.578254\n4. https://github.com/f1rstb100d/myCVE/issues/23\n5. https://phpgurukul.com/", "creation_timestamp": "2025-05-19T03:38:22.000000Z"}, {"uuid": "660b8cca-90f1-4db3-b31a-cce1f3f5e374", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "cve-2025-49080", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114676926802311561", "content": "", "creation_timestamp": "2025-06-13T16:10:37.160012Z"}, {"uuid": "b900c04d-cfb7-4b01-8dfd-25d6d9457c3e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-49088", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mas6gm4dkl2x", "content": "", "creation_timestamp": "2025-12-25T06:43:45.304022Z"}, {"uuid": "b7e7dad5-e398-4c32-abed-6beb9b80c17b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-49081", "type": "seen", "source": "Telegram/8shVKxKTpgJppwgqoSP5CMMCpmIT9d2sZKGL6M7b5sBVNGc", "content": "", "creation_timestamp": "2025-06-12T18:31:34.000000Z"}, {"uuid": "690f1ca5-4b19-4e41-a9da-5d6195c94e92", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-49080", "type": "seen", "source": "Telegram/8shVKxKTpgJppwgqoSP5CMMCpmIT9d2sZKGL6M7b5sBVNGc", "content": "", "creation_timestamp": "2025-06-12T18:31:34.000000Z"}, {"uuid": "d463645e-696e-4bab-b416-980cd5e37380", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-49080", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/18203", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-49080\n\ud83d\udd25 CVSS Score: 8.7 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: There is a memory management vulnerability in Absolute\nSecure Access server versions 9.0 to 13.54. Attackers with network access to\nthe server can cause a Denial of Service by sending a specially crafted\nsequence of packets to the server. The attack complexity is low, there are no\nattack requirements, privileges, or user interaction required. Loss of\navailability is high; there is no impact on confidentiality or integrity.\n\ud83d\udccf Published: 2025-06-12T17:08:50.086Z\n\ud83d\udccf Modified: 2025-06-12T17:08:50.086Z\n\ud83d\udd17 References:\n1. https://www.absolute.com/platform/security-information/vulnerability-archive/cve-2025-49080", "creation_timestamp": "2025-06-12T17:35:04.000000Z"}, {"uuid": "25703d47-b87f-4cbc-aa22-51c2c3de334d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-49081", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/18202", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-49081\n\ud83d\udd25 CVSS Score: 6.9 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: There is an insufficient input validation vulnerability in the warehouse\ncomponent of Absolute Secure Access prior to server version 13.55. Attackers\nwith system administrator permissions can impair the availability of the Secure\nAccess administrative UI by writing invalid data to the warehouse over the\nnetwork. The attack complexity is low, there are no attack requirements,\nprivileges required are high, and there is no user interaction required. There\nis no impact on confidentiality or integrity; the impact on availability is\nhigh.\n\ud83d\udccf Published: 2025-06-12T17:25:47.812Z\n\ud83d\udccf Modified: 2025-06-12T17:25:47.812Z\n\ud83d\udd17 References:\n1. https://www.absolute.com/platform/security-information/vulnerability-archive/cve-2025-49081", "creation_timestamp": "2025-06-12T17:35:03.000000Z"}, {"uuid": "5e83946c-cc88-4a1a-bf6c-cc97dc35dbc5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-4908", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lpissik3jk2o", "content": "", "creation_timestamp": "2025-05-19T05:13:26.493460Z"}]}