{"vulnerability": "cve-2025-3168", "sightings": [{"uuid": "cdf2e604-432d-4ffa-8551-cd776187adb8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3168", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/10286", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-3168\n\ud83d\udd25 CVSS Score: 6.9 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A vulnerability was found in PHPGurukul Time Table Generator System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/edit-class.php. The manipulation of the argument editid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.\n\ud83d\udccf Published: 2025-04-03T17:00:10.302Z\n\ud83d\udccf Modified: 2025-04-03T17:00:10.302Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.303127\n2. https://vuldb.com/?ctiid.303127\n3. https://vuldb.com/?submit.543172\n4. https://github.com/p1026/CVE/issues/2\n5. https://phpgurukul.com/", "creation_timestamp": "2025-04-03T17:35:41.000000Z"}, {"uuid": "a9b824bb-37c2-4dcf-b512-5ada94e3eb09", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31688", "type": "seen", "source": "https://t.me/cvedetector/21667", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-31688 - Drupal Configuration Split CSRF\", \n  \"Content\": \"CVE ID : CVE-2025-31688 \nPublished : March 31, 2025, 10:15 p.m. | 51\u00a0minutes ago \nDescription : Cross-Site Request Forgery (CSRF) vulnerability in Drupal Configuration Split allows Cross Site Request Forgery.This issue affects Configuration Split: from 0.0.0 before 1.10.0, from 2.0.0 before 2.0.2. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"01 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-01T01:54:38.000000Z"}, {"uuid": "25f24131-1215-449f-9add-56afef6d01be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3168", "type": "seen", "source": "https://t.me/cvedetector/22011", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-3168 - PHPGurukul Time Table Generator System SQL Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-3168 \nPublished : April 3, 2025, 5:15 p.m. | 1\u00a0hour, 56\u00a0minutes ago \nDescription : A vulnerability was found in PHPGurukul Time Table Generator System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/edit-class.php. The manipulation of the argument editid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. \nSeverity: 7.3 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"03 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-03T21:55:46.000000Z"}, {"uuid": "0aeffbd2-c4c1-4ca8-a211-b06ed07c7b4c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31687", "type": "seen", "source": "https://t.me/cvedetector/21666", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-31687 - Drupal SpamSpan Cross-Site Scripting (XSS)\", \n  \"Content\": \"CVE ID : CVE-2025-31687 \nPublished : March 31, 2025, 10:15 p.m. | 51\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal SpamSpan filter allows Cross-Site Scripting (XSS).This issue affects SpamSpan filter: from 0.0.0 before 3.2.1. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"01 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-01T01:54:34.000000Z"}, {"uuid": "f061e457-7f08-4dfb-82a4-57ca9997b391", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31686", "type": "seen", "source": "https://t.me/cvedetector/21665", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-31686 - Drupal Open Social Authorization Bypass\", \n  \"Content\": \"CVE ID : CVE-2025-31686 \nPublished : March 31, 2025, 10:15 p.m. | 51\u00a0minutes ago \nDescription : Missing Authorization vulnerability in Drupal Open Social allows Forceful Browsing.This issue affects Open Social: from 0.0.0 before 12.3.11, from 12.4.0 before 12.4.10. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"01 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-01T01:54:33.000000Z"}, {"uuid": "e43bc6c6-7e82-485d-aa97-dab400c1d66a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31689", "type": "seen", "source": "https://t.me/cvedetector/21673", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-31689 - Drupal General Data Protection Regulation CSRF Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-31689 \nPublished : March 31, 2025, 10:15 p.m. | 51\u00a0minutes ago \nDescription : Cross-Site Request Forgery (CSRF) vulnerability in Drupal General Data Protection Regulation allows Cross Site Request Forgery.This issue affects General Data Protection Regulation: from 0.0.0 before 3.0.1, from 3.1.0 before 3.1.2. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"01 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-01T01:54:45.000000Z"}, {"uuid": "0b3199c6-478f-4f5c-800f-a6ad4bd8e80e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31685", "type": "seen", "source": "https://t.me/cvedetector/21672", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-31685 - Drupal Open Social Missing Authorization Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-31685 \nPublished : March 31, 2025, 10:15 p.m. | 51\u00a0minutes ago \nDescription : Missing Authorization vulnerability in Drupal Open Social allows Forceful Browsing.This issue affects Open Social: from 0.0.0 before 12.3.11, from 12.4.0 before 12.4.10. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"01 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-01T01:54:44.000000Z"}]}