https://vulnerability.circl.lu/sightings/feed 2026-06-13T06:30:07.392430+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/0a0afb3f-d4a0-4c87-b186-207a49409439/export 2026-06-13T06:30:07.669990+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "0a0afb3f-d4a0-4c87-b186-207a49409439", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3140", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/10216", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-3140\n\ud83d\udd25 CVSS Score: 5.3 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A vulnerability was found in SourceCodester Online Medicine Ordering System 1.0. It has been classified as critical. This affects an unknown part of the file /view_category.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.\n\ud83d\udccf Published: 2025-04-03T04:31:05.693Z\n\ud83d\udccf Modified: 2025-04-03T13:10:23.408Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.303045\n2. https://vuldb.com/?ctiid.303045\n3. https://vuldb.com/?submit.525308\n4. https://github.com/Lena-lyy/SQL/blob/main/SQL1.md\n5. https://www.sourcecodester.com/", "creation_timestamp": "2025-04-03T13:35:06.000000Z"} 2025-04-03T13:35:06+00:00 https://vulnerability.circl.lu/sighting/8572d481-9cbe-427a-ba41-f0e63a97a4ec/export 2026-06-13T06:30:07.669909+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "8572d481-9cbe-427a-ba41-f0e63a97a4ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31405", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/10437", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-31405\n\ud83d\udd25 CVSS Score: 7.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in zankover Fami WooCommerce Compare allows PHP Local File Inclusion.This issue affects Fami WooCommerce Compare: from n/a through 1.0.5.\n\ud83d\udccf Published: 2025-04-04T13:26:10.946Z\n\ud83d\udccf Modified: 2025-04-04T13:26:10.946Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/fami-woocommerce-compare/vulnerability/wordpress-fami-woocommerce-compare-plugin-1-0-5-local-file-inclusion-vulnerability?_s_id=cve", "creation_timestamp": "2025-04-04T13:35:43.000000Z"} 2025-04-04T13:35:43+00:00 https://vulnerability.circl.lu/sighting/a58b7a59-62d8-4e98-828e-fad79a23b1b7/export 2026-06-13T06:30:07.669826+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "a58b7a59-62d8-4e98-828e-fad79a23b1b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31407", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/10439", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-31407\n\ud83d\udd25 CVSS Score: 6.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L)\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in hutsixdigital Tiger allows Stored XSS.This issue affects Tiger: from n/a through 2.0.\n\ud83d\udccf Published: 2025-04-04T13:24:56.744Z\n\ud83d\udccf Modified: 2025-04-04T13:24:56.744Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/theme/tiger/vulnerability/wordpress-tiger-theme-2-0-cross-site-scripting-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-04-04T13:35:44.000000Z"} 2025-04-04T13:35:44+00:00 https://vulnerability.circl.lu/sighting/edf1e9c1-57ba-49d5-aa98-d86aea50f86a/export 2026-06-13T06:30:07.669752+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "edf1e9c1-57ba-49d5-aa98-d86aea50f86a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31403", "type": "seen", "source": "https://bsky.app/profile/cyberalerts.bsky.social/post/3llyninijha2p", "content": "", "creation_timestamp": "2025-04-04T14:40:15.091205Z"} 2025-04-04T14:40:15.091205+00:00 https://vulnerability.circl.lu/sighting/a87a1372-5d13-47ed-b38e-7ba44cb77f8c/export 2026-06-13T06:30:07.669677+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "a87a1372-5d13-47ed-b38e-7ba44cb77f8c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31403", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114280477286926972", "content": "", "creation_timestamp": "2025-04-04T15:48:17.558443Z"} 2025-04-04T15:48:17.558443+00:00 https://vulnerability.circl.lu/sighting/5115a146-fada-4871-8fc1-d8448a6e9814/export 2026-06-13T06:30:07.669598+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "5115a146-fada-4871-8fc1-d8448a6e9814", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31403", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114280477286926972", "content": "", "creation_timestamp": "2025-04-04T15:48:17.560164Z"} 2025-04-04T15:48:17.560164+00:00 https://vulnerability.circl.lu/sighting/3b36e286-ea1d-43de-ae17-ef4c4283ba64/export 2026-06-13T06:30:07.669513+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "3b36e286-ea1d-43de-ae17-ef4c4283ba64", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31403", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3llys3ni4yz2z", "content": "", "creation_timestamp": "2025-04-04T16:02:27.241537Z"} 2025-04-04T16:02:27.241537+00:00 https://vulnerability.circl.lu/sighting/e89258c6-461e-4644-bb5a-6bd14bc32b39/export 2026-06-13T06:30:07.669421+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "e89258c6-461e-4644-bb5a-6bd14bc32b39", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31403", "type": "seen", "source": "https://t.me/cvedetector/22134", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-31403 - Shiptrack SQL Injection Vulnerability\", \n \"Content\": \"CVE ID : CVE-2025-31403 \nPublished : April 4, 2025, 2:15 p.m. | 1\u00a0hour, 42\u00a0minutes ago \nDescription : Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in shiptrack Booking Calendar and Notification allows Blind SQL Injection.This issue affects Booking Calendar and Notification: from n/a through 4.0.3. \nSeverity: 9.3 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"04 Apr 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-04T18:01:21.000000Z"} 2025-04-04T18:01:21+00:00 https://vulnerability.circl.lu/sighting/a2362b32-e7cf-408c-9640-8271998816e9/export 2026-06-13T06:30:07.669261+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "a2362b32-e7cf-408c-9640-8271998816e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31405", "type": "seen", "source": "https://t.me/cvedetector/22135", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-31405 - Zankover Fami WooCommerce Compare PHP Local File Inclusion\", \n \"Content\": \"CVE ID : CVE-2025-31405 \nPublished : April 4, 2025, 2:15 p.m. | 1\u00a0hour, 42\u00a0minutes ago \nDescription : Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in zankover Fami WooCommerce Compare allows PHP Local File Inclusion.This issue affects Fami WooCommerce Compare: from n/a through 1.0.5. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"04 Apr 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-04T18:01:22.000000Z"} 2025-04-04T18:01:22+00:00 https://vulnerability.circl.lu/sighting/92d59a75-958c-4d0c-96c5-06c1f77a561f/export 2026-06-13T06:30:07.666370+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "92d59a75-958c-4d0c-96c5-06c1f77a561f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31407", "type": "seen", "source": "https://t.me/cvedetector/22136", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-31407 - Hutsixdigital Tiger Cross-site Scripting Vulnerability\", \n \"Content\": \"CVE ID : CVE-2025-31407 \nPublished : April 4, 2025, 2:15 p.m. | 1\u00a0hour, 42\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in hutsixdigital Tiger allows Stored XSS.This issue affects Tiger: from n/a through 2.0. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"04 Apr 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-04T18:01:23.000000Z"} 2025-04-04T18:01:23+00:00