{"vulnerability": "cve-2025-3204", "sightings": [{"uuid": "8b270fe9-b87c-4ae9-abb9-96b6f6ae9490", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3204", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/10385", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-3204\n\ud83d\udd25 CVSS Score: 5.3 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A vulnerability, which was classified as critical, has been found in CodeAstro Car Rental System 1.0. Affected by this issue is some unknown functionality of the file /returncar.php. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.\n\ud83d\udccf Published: 2025-04-04T03:00:13.795Z\n\ud83d\udccf Modified: 2025-04-04T03:00:13.795Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.303158\n2. https://vuldb.com/?ctiid.303158\n3. https://vuldb.com/?submit.545893\n4. https://github.com/Lanxiy7th/lx_CVE_report-/issues/21\n5. https://codeastro.com/", "creation_timestamp": "2025-04-04T03:35:56.000000Z"}, {"uuid": "fe004c8f-8dfc-4420-ba1f-cfb2d3baade8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32044", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/13448", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-32044\n\ud83d\udd25 CVSS Score: 7.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)\n\ud83d\udd39 Description: A flaw has been identified in Moodle where, on certain sites, unauthenticated users could retrieve sensitive user data\u2014including names, contact information, and hashed passwords\u2014via stack traces returned by specific API calls. Sites with PHP configured with zend.exception_ignore_args = 1 in the php.ini file are not affected by this vulnerability.\n\ud83d\udccf Published: 2025-04-25T14:43:22.142Z\n\ud83d\udccf Modified: 2025-04-25T14:43:22.142Z\n\ud83d\udd17 References:\n1. https://access.redhat.com/security/cve/CVE-2025-32044\n2. https://bugzilla.redhat.com/show_bug.cgi?id=2356829", "creation_timestamp": "2025-04-25T15:07:48.000000Z"}, {"uuid": "4209d376-e8c5-486e-a657-4b137836ac34", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32045", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/13446", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-32045\n\ud83d\udd25 CVSS Score: 5.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\ud83d\udd39 Description: A flaw has been identified in Moodle where insufficient capability checks in certain grade reports allowed users without the necessary permissions to access hidden grades.\n\ud83d\udccf Published: 2025-04-25T14:43:54.071Z\n\ud83d\udccf Modified: 2025-04-25T14:43:54.071Z\n\ud83d\udd17 References:\n1. https://access.redhat.com/security/cve/CVE-2025-32045\n2. https://bugzilla.redhat.com/show_bug.cgi?id=2356835", "creation_timestamp": "2025-04-25T15:07:46.000000Z"}, {"uuid": "6f27a6cd-bdc2-4902-9e7c-b15f063f0440", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32049", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3llw6jw5lnn2h", "content": "", "creation_timestamp": "2025-04-03T15:07:12.840372Z"}, {"uuid": "a67e98de-8d4d-4834-b498-0050ebb8756c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32049", "type": "seen", "source": "https://t.me/cvedetector/21981", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-32049 - Libsoup WebSocket Denial of Service Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-32049 \nPublished : April 3, 2025, 2:15 p.m. | 41\u00a0minutes ago \nDescription : A flaw was found in libsoup. The SoupWebsocketConnection may accept a large WebSocket message, which may cause libsoup to allocate memory and lead to a denial of service (DoS). \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"03 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-03T17:44:36.000000Z"}, {"uuid": "4353ebba-5373-47a7-9cba-e7e27328583b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32049", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/15836", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-32049\n\ud83d\udd25 CVSS Score: 7.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\ud83d\udd39 Description: A flaw was found in libsoup. The SoupWebsocketConnection may accept a large WebSocket message, which may cause libsoup to allocate memory and lead to a denial of service (DoS).\n\ud83d\udccf Published: 2025-04-03T13:36:13.035Z\n\ud83d\udccf Modified: 2025-05-09T20:15:48.179Z\n\ud83d\udd17 References:\n1. https://access.redhat.com/security/cve/CVE-2025-32049\n2. https://bugzilla.redhat.com/show_bug.cgi?id=2357066", "creation_timestamp": "2025-05-09T20:26:09.000000Z"}, {"uuid": "24d256af-4b39-433d-a58c-2b531f1bb88e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3204", "type": "seen", "source": "https://t.me/cvedetector/22061", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-3204 - CodeAstro Car Rental System SQL Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-3204 \nPublished : April 4, 2025, 3:15 a.m. | 28\u00a0minutes ago \nDescription : A vulnerability, which was classified as critical, has been found in CodeAstro Car Rental System 1.0. Affected by this issue is some unknown functionality of the file /returncar.php. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. \nSeverity: 6.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"04 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-04T06:18:03.000000Z"}]}