{"vulnerability": "cve-2025-5292", "sightings": [{"uuid": "a9e9363b-35a9-4441-96c6-e708554e0cc2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52925", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lsxtwhbvzy2s", "content": "", "creation_timestamp": "2025-07-02T08:59:01.537460Z"}, {"uuid": "cf78d37a-f33a-43e3-b225-616fc8d200fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52926", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lsajovecga2p", "content": "", "creation_timestamp": "2025-06-23T02:24:36.604195Z"}, {"uuid": "9b1db174-4567-4da2-b0f0-f152613646b6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-5292", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lqh6zl7unqc2", "content": "", "creation_timestamp": "2025-05-31T07:12:08.157694Z"}, {"uuid": "edc04651-2a0c-40a2-868e-8f5e0e3db577", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52921", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lsbuxyhber2k", "content": "", "creation_timestamp": "2025-06-23T15:19:12.640056Z"}, {"uuid": "58bb5623-4ef3-4107-9e09-1da4e2bbf7f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-5292", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lqhogp32z62p", "content": "", "creation_timestamp": "2025-05-31T11:47:45.019289Z"}, {"uuid": "67479d1b-92db-4bca-ad40-4f2f803059e9", "vulnerability_lookup_origin": 
"1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52923", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ls66sml4vd2m", "content": "", "creation_timestamp": "2025-06-22T04:04:30.858813Z"}, {"uuid": "acc89be2-aa56-4269-96f9-14958840cb62", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52924", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3luccqi7tl22i", "content": "", "creation_timestamp": "2025-07-19T06:15:56.301043Z"}, {"uuid": "89256b0e-f9a4-49d6-bac0-e71dd39efafd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52923", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/19141", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-52923\n\ud83d\udd25 CVSS Score: 4.3 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N)\n\ud83d\udd39 Description: Sangfor aTrust through 2.4.10 allows users to modify the ExecStartPre command.\n\ud83d\udccf Published: 2025-06-22T00:00:00.000Z\n\ud83d\udccf Modified: 2025-06-22T00:34:43.401Z\n\ud83d\udd17 References:\n1. https://github.com/r00t7oo2jm/cVetest/blob/main/p0c.sh\n2. https://github.com/r00t7oo2jm/cVetest/blob/main/sangf0r-poc.pdf\n3. https://marketplace.huaweicloud.com/intl/contents/10d76e5f-57b5-4780-9c0c-58af8f7f71e6\n4. 
https://community.sangfor.com/forum.php?mod=viewthread&tid=10842", "creation_timestamp": "2025-06-22T00:44:15.000000Z"}, {"uuid": "3ed4f73a-d02e-4f46-adde-bddddae3e4be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52921", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/19197", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-52921\n\ud83d\udd25 CVSS Score: 9.9 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L)\n\ud83d\udd39 Description: In Innoshop through 0.4.1, an authenticated attacker could exploit the File Manager functions in the admin panel to achieve code execution on the server, by uploading a crafted file and then renaming it to have a .php extension by using the Rename Function. This bypasses the initial check that uploaded files are image files. The application relies on frontend checks to restrict the administrator from changing the extension of uploaded files to .php. This restriction is easily bypassed with any proxy tool (e.g., BurpSuite). Once the attacker renames the file, and gives it the .php extension, a GET request can be used to trigger the execution of code on the server.\n\ud83d\udccf Published: 2025-06-23T00:00:00.000Z\n\ud83d\udccf Modified: 2025-06-23T11:50:18.561Z\n\ud83d\udd17 References:\n1. https://github.com/innocommerce/innoshop\n2. 
https://medium.com/@The_Hiker/how-i-found-multiple-cves-in-innoshop-0-4-1-12c8f84ad87f", "creation_timestamp": "2025-06-23T12:47:50.000000Z"}, {"uuid": "e3bedef6-0b97-4e64-baa1-d4d2f3300237", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52922", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/19196", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-52922\n\ud83d\udd25 CVSS Score: 7.4 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L)\n\ud83d\udd39 Description: Innoshop through 0.4.1 allows directory traversal via FileManager API endpoints. An authenticated attacker with access to the admin panel could abuse this to: (1) fully map the filesystem structure via the /api/file_manager/files?base_folder= endpoint, (2) create arbitrary directories on the server via the /api/file_manager/directories endpoint, (3) read arbitrary files from the server by copying the file to a readable location within the application via the /api/file_manager/copy_files endpoint, (4) delete arbitrary files from the server via a DELETE request to /api/file_manager/files, or (5) create arbitrary files on the server by uploading them and then leveraging the /api/file_manager/move_files endpoint to move them anywhere in the filesystem.\n\ud83d\udccf Published: 2025-06-23T00:00:00.000Z\n\ud83d\udccf Modified: 2025-06-23T11:54:25.537Z\n\ud83d\udd17 References:\n1. https://github.com/innocommerce/innoshop\n2. 
https://medium.com/@The_Hiker/how-i-found-multiple-cves-in-innoshop-0-4-1-12c8f84ad87f", "creation_timestamp": "2025-06-23T12:47:49.000000Z"}, {"uuid": "e63be489-d433-442b-82d4-c3514bd91f63", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52926", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/19200", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-52926\n\ud83d\udd25 CVSS Score: 2.7 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:N)\n\ud83d\udd39 Description: In scan.rs in spytrap-adb before 0.3.5, matches for known stalkerware are not rendered in the interactive user interface.\n\ud83d\udccf Published: 2025-06-23T00:00:00.000Z\n\ud83d\udccf Modified: 2025-06-23T13:16:00.737Z\n\ud83d\udd17 References:\n1. https://github.com/spytrap-org/spytrap-adb/pull/65\n2. https://github.com/spytrap-org/spytrap-adb/commit/277cec542466b75cf5a8c532581243fd4b7b9713\n3. https://github.com/spytrap-org/spytrap-adb/releases/tag/v0.3.5", "creation_timestamp": "2025-06-23T13:44:40.000000Z"}, {"uuid": "5f922ef2-a456-4472-807f-dd037b142646", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52921", "type": "published-proof-of-concept", "source": "Telegram/HXBqyCxgvMHLtEfnDSGBXVUAF1NVCNReOpP5SUo5lvs4FM4", "content": "", "creation_timestamp": "2025-06-23T12:01:46.000000Z"}]}