{"vulnerability": "CVE-2025-4500", "sightings": [{"uuid": "73e5529e-b978-44f7-b031-6e074d4a8954", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-45001", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lr74p7cyou2s", "content": "", "creation_timestamp": "2025-06-09T19:34:16.784357Z"}, {"uuid": "a3b179b9-83e5-45a2-b071-cfad81ddd134", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-45006", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lsyrvczujl2m", "content": "", "creation_timestamp": "2025-07-02T17:55:15.774443Z"}, {"uuid": "f76a86b5-e420-4734-836d-250134454975", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-45007", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lo25taqrjv2j", "content": "", "creation_timestamp": "2025-04-30T15:55:35.795728Z"}, {"uuid": "760aacac-33db-475a-a2e8-72edff45f090", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-45002", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lr75bbfubi2m", "content": "", "creation_timestamp": "2025-06-09T19:44:23.315031Z"}, {"uuid": "9480fc60-2ad4-4550-9099-5680368571d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4500", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/15894", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-4500\n\ud83d\udd25 CVSS Score: 4.8 (cvssV4_0, Vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A vulnerability, which was classified as critical, has been found in code-projects Hotel Management System 1.0. Affected by this issue is the function Edit of the component Edit Room. The manipulation of the argument roomnumber leads to stack-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed to the public and may be used.\n\ud83d\udccf Published: 2025-05-10T12:31:04.234Z\n\ud83d\udccf Modified: 2025-05-10T12:31:04.234Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.308216\n2. https://vuldb.com/?ctiid.308216\n3. https://vuldb.com/?submit.567110\n4. https://github.com/zzzxc643/cve/blob/main/HOTEL_MANAGEMENT_SYSTEM.md\n5. https://code-projects.org/", "creation_timestamp": "2025-05-10T13:27:15.000000Z"}, {"uuid": "efbe511c-2b7b-4da1-bc83-f377826a07fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4500", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lot5awmppo42", "content": "", "creation_timestamp": "2025-05-10T14:26:46.891418Z"}, {"uuid": "4430dd7c-e369-4fd1-bdf6-f01603b85f91", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4500", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lot64guh3y2o", "content": "", "creation_timestamp": "2025-05-10T14:37:15.063391Z"}, {"uuid": "b68d6fe8-fdf4-4fd2-9d7a-032aa7e6f33e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-45007", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/14025", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-45007\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A Reflected Cross-Site Scripting (XSS) vulnerability was discovered in the profile.php file of PHPGurukul Timetable Generator System v1.0. This vulnerability allows remote attackers to execute arbitrary JavaScript code via the adminname POST request parameter.\n\ud83d\udccf Published: 2025-04-30T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-30T12:43:43.071Z\n\ud83d\udd17 References:\n1. https://github.com/rtnthakur/CVE/blob/main/PHPGurukul/Time-Table-Generator-System/xss-injection.md", "creation_timestamp": "2025-04-30T13:13:35.000000Z"}, {"uuid": "7a4d663e-b41e-44fe-9892-a74009f4cba8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-45001", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/17771", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-45001\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: react-native-keys 0.7.11 is vulnerable to sensitive information disclosure (remote) as encryption cipher and Base64 chunks are stored as plaintext in the compiled native binary. Attackers can extract these secrets using basic static analysis tools.\n\ud83d\udccf Published: 2025-06-09T00:00:00.000Z\n\ud83d\udccf Modified: 2025-06-09T19:47:56.235Z\n\ud83d\udd17 References:\n1. https://gist.github.com/ch3tanbug/44aedff79dd5d2d6beadbffcd01e0de5\n2. https://github.com/ch3tanbug/vulnerability-research/tree/main/CVE-2025-45001", "creation_timestamp": "2025-06-09T20:31:29.000000Z"}, {"uuid": "cedf0b77-d048-4d31-9954-a44b50146878", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-45002", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/17770", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-45002\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Vigybag v1.0 and before is vulnerable to Cross Site Scripting (XSS) via the upload profile picture function under my profile.\n\ud83d\udccf Published: 2025-06-09T00:00:00.000Z\n\ud83d\udccf Modified: 2025-06-09T19:48:01.839Z\n\ud83d\udd17 References:\n1. https://github.com/ch3tanbug/vulnerability-research/tree/main/CVE-2025-45002", "creation_timestamp": "2025-06-09T20:31:25.000000Z"}, {"uuid": "5716603f-72a5-4411-85b8-912fc94c23f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4500", "type": "seen", "source": "https://t.me/cvedetector/25013", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-4500 - Code-projects Hotel Management System Stack-Based Buffer Overflow Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-4500 \nPublished : May 10, 2025, 1:15 p.m. | 1\u00a0hour, 27\u00a0minutes ago \nDescription : A vulnerability, which was classified as critical, has been found in code-projects Hotel Management System 1.0. Affected by this issue is the function Edit of the component Edit Room. The manipulation of the argument roomnumber leads to stack-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. \nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"10 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-10T17:17:31.000000Z"}, {"uuid": "b28e0037-bcf1-4d01-bbe8-9225f6ee0362", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-45007", "type": "seen", "source": "https://t.me/cvedetector/24090", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-45007 - PHPGurukul Timetable Generator System Reflected Cross-Site Scripting (XSS)\", \n  \"Content\": \"CVE ID : CVE-2025-45007 \nPublished : April 30, 2025, 1:15 p.m. | 28\u00a0minutes ago \nDescription : A Reflected Cross-Site Scripting (XSS) vulnerability was discovered in the profile.php file of PHPGurukul Timetable Generator System v1.0. This vulnerability allows remote attackers to execute arbitrary JavaScript code via the adminname POST request parameter. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"30 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-30T16:14:27.000000Z"}]}