{"vulnerability": "cve-2025-4895", "sightings": [{"uuid": "c2dc8e3e-dfe1-4b23-84f1-c6012b295224", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-48953", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lqq746lhru2e", "content": "", "creation_timestamp": "2025-06-03T21:07:23.739933Z"}, {"uuid": "3bde7a60-4e45-4ba5-9057-5b3fddbb2920", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-48951", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lr2slldee222", "content": "", "creation_timestamp": "2025-06-08T02:22:40.338896Z"}, {"uuid": "7fe7f837-b490-427e-afe1-1d5a5d74420b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-48958", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lqmuuegbrzy2", "content": "", "creation_timestamp": "2025-06-02T13:28:51.174770Z"}, {"uuid": "80a08bb3-8efb-4f25-8831-924a23999477", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-48959", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lqrtbgiumr2a", "content": "", "creation_timestamp": "2025-06-04T12:40:54.324007Z"}, {"uuid": "bf8deb08-83e7-4757-bdd7-acbd4dfee68a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-48959", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lqrytuoeyab2", "content": "", "creation_timestamp": "2025-06-04T14:21:04.782462Z"}, {"uuid": 
"26d9ed69-0308-4e66-bdc2-99d4d1402135", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-48951", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3lqtk7bbq742s", "content": "", "creation_timestamp": "2025-06-05T05:03:58.421614Z"}, {"uuid": "5c659f3b-6edc-4af7-a0cc-e0dd1998f191", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-48952", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114797506148304132", "content": "", "creation_timestamp": "2025-07-04T23:15:32.687094Z"}, {"uuid": "6e871757-3ee0-4e51-a887-e7ab456ecf7d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-48953", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lqpzkizmdjm2", "content": "", "creation_timestamp": "2025-06-03T19:28:39.396208Z"}, {"uuid": "60e2da6c-7f8c-4401-b666-e0875677af25", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-48950", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lqpzkod724m2", "content": "", "creation_timestamp": "2025-06-03T19:28:40.204222Z"}, {"uuid": "b5442e03-1bfb-4353-9681-5a00069426f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-48951", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lqql3p4lyu2s", "content": "", "creation_timestamp": "2025-06-04T00:41:52.627570Z"}, {"uuid": "6a98e458-a9d1-48ca-9126-4efc5ccfd3f5", "vulnerability_lookup_origin": 
"1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-48952", "type": "seen", "source": "https://infosec.exchange/users/DarkWebInformer/statuses/114813646081481340", "content": "", "creation_timestamp": "2025-07-07T19:40:08.617976Z"}, {"uuid": "e008fa17-6a4e-4327-a31a-d81ff91c63fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-48952", "type": "seen", "source": "https://bsky.app/profile/darkwebinformer.com/post/3ltfk3gahek2g", "content": "", "creation_timestamp": "2025-07-07T19:40:12.249290Z"}, {"uuid": "9f309ca7-a36e-42c2-bb59-d57b0ecdcc6a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-48950", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lqq7e6aoqu2a", "content": "", "creation_timestamp": "2025-06-03T21:11:51.674305Z"}, {"uuid": "ae491cff-a43a-464d-8f5a-ceee98d19ad4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-48954", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lvr4oarrgz2a", "content": "", "creation_timestamp": "2025-08-06T21:02:30.845695Z"}, {"uuid": "282ddede-d72e-4a6d-a471-7473a96eacce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-48954", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2025/CVE-2025-48954.yaml", "content": "", "creation_timestamp": "2025-08-05T19:56:00.000000Z"}, {"uuid": "0695a894-f136-4c24-a78f-2304c6033725", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": 
"CVE-2025-48954", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/19462", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-48954\n\ud83d\udd25 CVSS Score: 8.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N)\n\ud83d\udd39 Description: Discourse is an open-source discussion platform. Versions prior to 3.5.0.beta6 are vulnerable to cross-site scripting when the content security policy isn't enabled when using social logins. Version 3.5.0.beta6 patches the issue. As a workaround, have the content security policy enabled.\n\ud83d\udccf Published: 2025-06-25T14:02:46.515Z\n\ud83d\udccf Modified: 2025-06-25T14:19:13.945Z\n\ud83d\udd17 References:\n1. https://github.com/discourse/discourse/security/advisories/GHSA-26p5-mjjh-wfcf", "creation_timestamp": "2025-06-25T14:51:34.000000Z"}, {"uuid": "576d0a97-2c48-480c-ab45-039dc10b942c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-48956", "type": "seen", "source": "https://bsky.app/profile/checkmarxzero.bsky.social/post/3lwzh7ejqip2s", "content": "", "creation_timestamp": "2025-08-22T21:57:28.700216Z"}, {"uuid": "9441ed29-2a7b-4392-9f2b-c9b430f11ddf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-48957", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3lx6thmbcmn23", "content": "", "creation_timestamp": "2025-08-25T01:20:08.077215Z"}, {"uuid": "44d224f3-0d3e-44fd-9fed-f50c12148f70", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-48957", "type": "published-proof-of-concept", "source": "https://t.me/realcodeb0ss/178", "content": "", "creation_timestamp": "2025-11-19T17:11:11.000000Z"}, {"uuid": 
"05e1015d-fedf-48c4-9aee-f8eae109eb5a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4895", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/16780", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-4895\n\ud83d\udd25 CVSS Score: 6.9 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A vulnerability, which was classified as critical, has been found in SourceCodester Doctors Appointment System 1.0. This issue affects some unknown processing of the file /admin/delete-session.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.\n\ud83d\udccf Published: 2025-05-18T20:31:05.404Z\n\ud83d\udccf Modified: 2025-05-18T20:31:05.404Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.309449\n2. https://vuldb.com/?ctiid.309449\n3. https://vuldb.com/?submit.578022\n4. https://github.com/Xiaoyi-ing/CVE/issues/11\n5. https://www.sourcecodester.com/", "creation_timestamp": "2025-05-18T21:37:24.000000Z"}, {"uuid": "93094c6e-dd54-4b19-8fa8-beff5be42b22", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-48957", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/19248", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-48957\n\ud83d\udd25 CVSS Score: 7.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)\n\ud83d\udd39 Description: AstrBot is a large language model chatbot and development framework. 
A path traversal vulnerability present in versions 3.4.4 through 3.5.12 may lead to information disclosure, such as API keys for LLM providers, account passwords, and other sensitive data. The vulnerability has been addressed in Pull Request #1676 and is included in version 3.5.13. As a workaround, users can edit the `cmd_config.json` file to disable the dashboard feature as a temporary workaround. However, it is strongly recommended to upgrade to version v3.5.13 or later to fully resolve this issue.\n\ud83d\udccf Published: 2025-06-02T11:16:14.370Z\n\ud83d\udccf Modified: 2025-06-23T18:03:57.703Z\n\ud83d\udd17 References:\n1. https://github.com/AstrBotDevs/AstrBot/security/advisories/GHSA-cq37-g2qp-3c2p\n2. https://github.com/AstrBotDevs/AstrBot/issues/1675\n3. https://github.com/AstrBotDevs/AstrBot/pull/1676\n4. https://github.com/AstrBotDevs/AstrBot/commit/cceadf222c46813c7f41115b40d371e7eb91e492", "creation_timestamp": "2025-06-23T18:50:43.000000Z"}, {"uuid": "564a15f1-fd19-42d4-949f-b6f845811184", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-48952", "type": "published-proof-of-concept", "source": "Telegram/84odOWG29NERs2YXjdw5sO46oW-VY4veM5g9A83J8YKDeEE", "content": "", "creation_timestamp": "2025-07-10T19:43:10.000000Z"}, {"uuid": "e8e5a265-90a2-49ee-a19c-4143310bf989", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-48952", "type": "published-proof-of-concept", "source": "https://t.me/cybersecplayground/253", "content": "\ud83d\udea8 Alert: CVE-2025-48952 \u2013 Password Bypass in NetAlertX \ud83d\udea8\nDue to loose comparison in PHP, attackers can bypass authentication without knowing the correct password!\n\n\ud83d\udd25 Vulnerability Type:\nWeak equality check (== instead of ===) allows login bypass using special inputs like 0, false, or specific crafted 
passwords.\n\n\ud83d\udd13 Impact:\n\ud83d\udd39 Unauthenticated access to the web interface\n\ud83d\udd39 Possible full system control depending on configuration\n\n\ud83d\udca5 PoC & Details:\n\ud83d\udd17 GitHub Advisory\n\ud83d\udca3 Exploit Code Included \u2013 Ready to test!\n\n\ud83d\udef0 Attack Surface Scan\n\n\ud83d\udd75\ufe0f\u200d\u2642\ufe0f Hunter Dork\nproduct.name=\"NetAlertX\"\n\ud83c\udf10 Hunter Search\n\n\ud83e\udde0 Why It Matters:\nLoose type comparison in PHP can be fatal. Always use === for secure checks!\n\n\ud83d\udce2 Stay informed with @cybersecplayground \u2014 we drop daily 0days, PoCs & hunting tips!\n\n#CVE2025_48952 #NetAlertX #bugbounty #infosec #php #passwordbypass #hunterhow #cybersecplayground #OSINT #RCE #authbypass", "creation_timestamp": "2025-07-10T19:42:23.000000Z"}, {"uuid": "c735c41c-c0bd-4d64-bb49-86eee88e13b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-48952", "type": "published-proof-of-concept", "source": "https://t.me/TheDarkWebInformer/18826", "content": "\ud83d\udea8CVE-2025-48952: NetAlertX Password Bypass Vulnerability due to Loose Comparison in PHP\n\nPoC and Advisory: https://github.com/jokob-sk/NetAlertX/security/advisories/GHSA-4p4p-vq2v-9489\n\nDetails: https://www.cvedetails.com/cve/CVE-2025-48952/\n\nCVSS: 9.4", "creation_timestamp": "2025-07-07T19:39:48.000000Z"}, {"uuid": "821251cd-e7e5-4ec2-b13e-9b1427566ad4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-48957", "type": "published-proof-of-concept", "source": "Telegram/rXYL1lXWkEU6X4s-B12vmJDiUkp3J5RpkWN8Rf8Wlc0XZWI", "content": "", "creation_timestamp": "2025-06-02T12:01:30.000000Z"}, {"uuid": "8dfeb3de-16bb-478e-b539-dc43e599da92", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": 
"86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-48958", "type": "published-proof-of-concept", "source": "https://github.com/froxlor/froxlor/security/advisories/GHSA-26xq-m8xw-6373", "content": "", "creation_timestamp": "2025-03-11T20:06:26.000000Z"}]}