{"vulnerability": "cve-2025-25361", "sightings": [{"uuid": "4e09d19e-0942-4717-bea7-de871f76a442", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25361", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114123350572256091", "content": "", "creation_timestamp": "2025-03-07T21:49:00.509385Z"}, {"uuid": "69c7b429-4281-4454-b5ab-b9bdf7f92277", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25361", "type": "seen", "source": "https://bsky.app/profile/vulnalerts.bsky.social/post/3ljt7py5gfq2y", "content": "", "creation_timestamp": "2025-03-08T00:00:06.361957Z"}, {"uuid": "ab9c27f4-c568-43c3-9e7c-fc776c4a5f94", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25361", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/6883", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-25361\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: An arbitrary file upload vulnerability in the component /cms/CmsWebFileAdminController.java of PublicCMS v4.0.202406 allows attackers to execute arbitrary code via uploading a crafted svg or xml file.\n\ud83d\udccf Published: 2025-03-06T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-07T19:48:51.354Z\n\ud83d\udd17 References:\n1. https://github.com/c0rdXy/POC/blob/master/CVE/PublicCMS/XSS_02/XSS_02.md", "creation_timestamp": "2025-03-07T20:40:30.000000Z"}, {"uuid": "cba472bf-ff2e-453b-9aa4-9efb48c80fd3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25361", "type": "seen", "source": "MISP/4937e86f-f5bd-4d09-8bda-88a7440077f3", "content": "", "creation_timestamp": "2025-08-18T13:31:23.000000Z"}, {"uuid": "05a7d033-ae93-416d-892a-5dbb852e095e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25361", "type": "seen", "source": "MISP/4937e86f-f5bd-4d09-8bda-88a7440077f3", "content": "", "creation_timestamp": "2025-08-19T02:47:42.000000Z"}, {"uuid": "6cf3ea04-9065-4a29-a045-0eb5dd0d1695", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25361", "type": "seen", "source": "https://t.me/cvedetector/19740", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-25361 - PublicCMS Arbitrary Code Execution Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-25361 \nPublished : March 6, 2025, 7:15 p.m. | 1\u00a0hour, 9\u00a0minutes ago \nDescription : An arbitrary file upload vulnerability in the component /cms/CmsWebFileAdminController.java of PublicCMS v4.0.202406 allows attackers to execute arbitrary code via uploading a crafted svg or xml file. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"06 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-06T22:12:27.000000Z"}, {"uuid": "66379be2-8f53-46ab-beee-d1cfed73c581", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25361", "type": "seen", "source": "Telegram/7IuFFCL9Ovx5DaPeELjn4IUeEmdMvGD6YyPU4TwE88jOs6Yy", "content": "", "creation_timestamp": "2025-03-08T04:35:53.000000Z"}]}