{"vulnerability": "CVE-2025-5646", "sightings": [{"uuid": "9130814e-5b45-42e2-9610-60882ad12d1d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-5646", "type": "seen", "source": "https://bsky.app/profile/FunctionalProgramming.activitypub.awakari.com.ap.brid.gy/post/3lqtwoot3hzv2", "content": "", "creation_timestamp": "2025-06-05T08:47:29.394163Z"}, {"uuid": "ba96305c-1bd9-4c12-903b-265606faa585", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-5646", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lqu7ekpprg2s", "content": "", "creation_timestamp": "2025-06-05T11:22:43.769095Z"}, {"uuid": "b41f88b5-c3ee-4881-9e57-e5ae3f938cbb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-56465", "type": "seen", "source": "https://t.me/LulzSecBlack/721", "content": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-56465", "creation_timestamp": "2025-08-30T12:03:16.000000Z"}, {"uuid": "901e7e23-3f46-467f-a95d-6b6fdbe8bc8e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-56465", "type": "published-proof-of-concept", "source": "https://t.me/LulzSecBlack/718", "content": "\u0644\u0642\u062f \u0646\u0634\u0631\u0646\u0627 \u0633\u0627\u0628\u0642\u0627\u064b \u0639\u0646 \u062b\u063a\u0631\u0629 Zero Day \u0641\u064a GetSimpleCMS \u0641\u064a \u0627\u0644\u0625\u0635\u062f\u0627\u0631 3.3.16 \u0648\u0642\u062f \u0642\u0645\u0646\u0627 \u0628\u0646\u0634\u0631 \u0627\u0644\u0645\u0646\u0634\u0648\u0631 \u0641\u064a \u0642\u0646\u0627\u062a\u0646\u0627 \u0627\u0644\u062b\u0627\u0646\u064a\u0629 CyberShop \u0648\u0642\u0645\u0646\u0627 \u0628\u062a\u062d\u0648\u064a\u0644 \u0627\u0644\u0645\u0646\u0634\u0648\u0631 \u0625\u0644\u0649 \u0647\u0646\u0627 \u0648\u062d\u0627\u0644\u064a\u0627\u064b \u0648\u0628\u0641\u0636\u0644 \u0627\u0644\u0644\u0647 \u0641\u064a \u0627\u0644\u0628\u0627\u0631\u062d\u0629 \u062a\u0645 \u062a\u0648\u062b\u064a\u0642 \u0627\u0644\u062b\u063a\u0631\u0629 \u0628\u0634\u0643\u0644 \u0643\u0627\u0645\u0644 \u0628\u0625\u0633\u0645 \u0641\u0631\u064a\u0642\u0646\u0627 \u0648\u0647\u0630\u0627 \u0623\u062d\u062f \u0627\u0644\u0631\u062f\u0648\u062f \u0627\u0644\u0631\u0633\u0645\u064a\u0629 \u0627\u0644\u0630\u064a \u064a\u0624\u0643\u062f \u062a\u0648\u062b\u064a\u0642 \u0627\u0644\u062b\u063a\u0631\u0629 \u0628\u0625\u0633\u0645\u0646\u0627.\n\n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n\n> [Suggested description]\n> A critical unauthenticated Remote Code Execution (RCE) vulnerability\n> exists in GetSimpleCMS version 3.3.16. The issue is located in the file\n> /admin/inc/template_functions.php, which fails to properly sanitize\n> input parameters, allowing remote attackers to execute arbitrary\n> commands via specially crafted GET requests. The vulnerability is\n> easily exploitable and does not require authentication.\n> Discovered and verified using a Python exploit script that probes\n> common execution parameters and launches commands remotely.\n> A fix is not currently available at the time of discovery.\n>\n> ------------------------------------------\n>\n> [Additional Information]\n> The exploit script automates detection and command execution using parameters like cmd, exec, run, and shows system response. Demonstrated proof-of-concept confirms unauthenticated RCE via direct GET requests.\n>\n> ------------------------------------------\n>\n> [VulnerabilityType Other]\n> Remote Code Execution (RCE)\n>\n> ------------------------------------------\n>\n> [Vendor of Product]\n> GetSimpleCMS\n>\n> ------------------------------------------\n>\n> [Affected Product Code Base]\n> GetSimpleCMS - 3.3.16\n>\n> ------------------------------------------\n>\n> [Affected Component]\n> admin/inc/template_functions.php\n>\n> ------------------------------------------\n>\n> [Attack Type]\n> Remote\n>\n> ------------------------------------------\n>\n> [Impact Code execution]\n> true\n>\n> ------------------------------------------\n>\n> [Attack Vectors]\n> Unauthenticated attackers can send crafted GET requests with specific parameters (e.g., ?cmd=id) to the vulnerable script to achieve remote command execution.\n>\n> ------------------------------------------\n>\n> [Discoverer]\n> LulzSec Black\n>\n> ------------------------------------------\n>\n> [Reference]\n> http://getsimplecms.com\n\nDuplicate of own request\n\n\n\n> [Suggested description]\n> A Remote Code Execution (RCE) vulnerability exists in GetSimpleCMS\n> 3.3.16. The issue is located in the file\n> /admin/inc/template_functions.php, which fails to properly sanitize\n> input parameters, allowing remote attackers to execute arbitrary\n> commands via specially crafted GET requests.\n>\n> ------------------------------------------\n>\n> [Additional Information]\n> The exploit script automates detection and command execution using parameters like cmd, exec, run, and shows system response. Demonstrated proof-of-concept confirms unauthenticated RCE via direct GET requests.\n>\n> ------------------------------------------\n>\n> [VulnerabilityType Other]\n> Remote Code Execution (RCE)\n>\n> ------------------------------------------\n>\n> [Vendor of Product]\n> GetSimpleCMS\n>\n> ------------------------------------------\n>\n> [Affected Product Code Base]\n> GetSimpleCMS - 3.3.16\n>\n> ------------------------------------------\n>\n> [Affected Component]\n> admin/inc/template_functions.php\n>\n> ------------------------------------------\n>\n> [Attack Type]\n> Remote\n>\n> ------------------------------------------\n>\n> [Impact Code execution]\n> true\n>\n> ------------------------------------------\n>\n> [Attack Vectors]\n> Unauthenticated attackers can send crafted GET requests with specific parameters (e.g., ?cmd=id) to the vulnerable script to achieve remote command execution.\n>\n> ------------------------------------------\n>\n> [Discoverer]\n> LulzSec Black\n>\n> ------------------------------------------\n>\n> [Reference]\n> http://getsimplecms.com\n\nUse CVE-2025-56465.\n\n\n- --\nCVE Assignment Team\nM/S M300, 202 Burlington Road, Bedford, MA 01730 USA\n\n\n\n\u062a\u0645 \u062a\u0648\u062b\u064a\u0642 \u0627\u0644\u062b\u063a\u0631\u0629 \u0641\u064a \u0627\u0644\u0628\u0627\u0631\u062d\u0629 \u0641\u064a \u0627\u0644\u0633\u0627\u0639\u0629 1 \u0644\u064a\u0644\u0627\u064b \u0641\u064a \u062a\u0648\u0642\u064a\u062a \u0641\u0644\u0633\u0637\u064a\u0646 \u0648\u0647\u0630\u0627 \u0631\u0642\u0645 \u0627\u0644\u062b\u063a\u0631\u0629 \n\nCVE-2025-56465", "creation_timestamp": "2025-08-30T12:03:20.000000Z"}]}