https://vulnerability.circl.lu/sightings/feed 2026-05-30T20:09:45.562686+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/5d63e3a8-7be2-4a01-99fa-bc24fab977e7/export 2026-05-30T20:09:45.878783+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "5d63e3a8-7be2-4a01-99fa-bc24fab977e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25748", "type": "seen", "source": "Telegram/3MBTytBz7FAWoUgV2aTVPXaX-kfAuOLht6JlK6Rx_m9ll3c", "content": "", "creation_timestamp": "2025-03-07T22:00:06.000000Z"} 2025-03-07T22:00:06+00:00 https://vulnerability.circl.lu/sighting/49cd8b74-9563-4509-8933-e51ce537d09d/export 2026-05-30T20:09:45.876023+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "49cd8b74-9563-4509-8933-e51ce537d09d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25748", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/7194", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-25748\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A CSRF vulnerability in the gestione_utenti.php endpoint of HotelDruid 3.0.7 allows attackers to perform unauthorized actions (e.g., modifying user passwords) on behalf of authenticated users by exploiting the lack of origin or referrer validation and the absence of CSRF tokens.\n\ud83d\udccf Published: 2025-03-11T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-11T17:22:36.399Z\n\ud83d\udd17 References:\n1. https://www.huyvo.net/post/cve-2025-25748-cross-site-request-forgery-csrf-vulnerability-in-hoteldruid-3-0-7", "creation_timestamp": "2025-03-11T17:39:58.000000Z"} 2025-03-11T17:39:58+00:00