{"vulnerability": "CVE-2025-2295", "sightings": [{"uuid": "e2e2b45b-bbaa-4cab-a608-94c8eee0d7a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22957", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/113941447164845668", "content": "", "creation_timestamp": "2025-02-03T18:48:44.247408Z"}, {"uuid": "0470a67e-3f82-4ad3-b6a1-9830f0c07078", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22957", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lh2iss3sya2f", "content": "", "creation_timestamp": "2025-01-31T17:15:47.194505Z"}, {"uuid": "f1f9a690-c3bf-46c0-8b81-1e4e397cfb68", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22953", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3llpaxse6fw2c", "content": "", "creation_timestamp": "2025-03-31T21:02:08.491621Z"}, {"uuid": "e474b96f-d4ff-4ae1-8f35-0617397ad3fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22954", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lkmqdw7umc2n", "content": "", "creation_timestamp": "2025-03-18T03:34:08.804748Z"}, {"uuid": "91a0498c-e432-4f64-9041-64cf54756b3e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22957", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lh2xd7awqq2q", "content": "", "creation_timestamp": "2025-01-31T21:35:32.628753Z"}, {"uuid": "17707132-0683-44e2-a478-a410eff9fb5e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22954", "type": "seen", "source": "https://bsky.app/profile/andranglin.bsky.social/post/3lkkntpfepk2c", "content": "", "creation_timestamp": "2025-03-17T07:43:58.788685Z"}, {"uuid": "284b3d5e-a964-4375-b99e-38303d973d72", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22952", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3mjfrbmds7i2f", "content": "", "creation_timestamp": "2026-04-13T21:03:09.529768Z"}, {"uuid": "3daa6a69-e7cb-47b1-9bd0-7e669344885a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22954", "type": "seen", "source": "https://bsky.app/profile/bolhasec.com/post/3lltzfwutsk2n", "content": "", "creation_timestamp": "2025-04-02T18:30:10.055439Z"}, {"uuid": "fe7996e6-da57-4bad-b6af-f6c421cfb253", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22954", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114153547594880534", "content": "", "creation_timestamp": "2025-03-13T05:48:24.091193Z"}, {"uuid": "27de74ec-c2aa-4f05-bece-29397214dbe8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22952", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2025/CVE-2025-22952.yaml", "content": "", "creation_timestamp": "2025-03-04T11:20:50.000000Z"}, {"uuid": "3c605824-635d-4f08-8cdb-dfa505765b1c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22952", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3ljnutmnrev2q", "content": "", "creation_timestamp": "2025-03-05T21:02:01.684910Z"}, {"uuid": "4f912409-71a4-42fa-a9ef-5d50f0cd8000", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22952", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lj6v7znxps25", "content": "", "creation_timestamp": "2025-02-27T21:59:03.031722Z"}, {"uuid": "4c6b07dd-c321-4877-817f-3355f78f31cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22956", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lydiabs6yl26", "content": "", "creation_timestamp": "2025-09-08T15:07:41.428931Z"}, {"uuid": "13211e1f-fbdd-4d15-8ca3-99e28f9c764e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22953", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/9999", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-22953\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A SQL injection vulnerability exists in the Epicor HCM 2021 1.9, specifically in the filter parameter of the JsonFetcher.svc endpoint. An attacker can exploit this vulnerability by injecting malicious SQL payloads into the filter parameter, enabling the unauthorized execution of arbitrary SQL commands on the backend database. If certain features (like xp_cmdshell) are enabled, this may lead to remote code execution.\n\ud83d\udccf Published: 2025-03-28T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-01T18:59:01.725Z\n\ud83d\udd17 References:\n1. https://tinted-hollyhock-92d.notion.site/EPICOR-HCM-Unauthenticated-Blind-SQL-Injection-CVE-2025-22953-170f1fdee211803988d1c9255a8cb904?pvs=4", "creation_timestamp": "2025-04-01T19:32:40.000000Z"}, {"uuid": "266af514-6f2f-4b6f-be85-4aa8b76b0b53", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22953", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/24458", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aEPICOR HCM Unauthenticated Blind SQL Injection CVE-2025-22953\nURL\uff1ahttps://github.com/maliktawfiq/CVE-2025-22953\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-03-25T14:50:41.000000Z"}, {"uuid": "dc53afd3-1a20-48d7-911b-633caef2fc99", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22954", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/7392", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-22954\n\ud83d\udd25 CVSS Score: 10 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)\n\ud83d\udd39 Description: GetLateOrMissingIssues in C4/Serials.pm in Koha before 24.11.02 allows SQL Injection in /serials/lateissues-export.pl via the supplierid or serialid parameter.\n\ud83d\udccf Published: 2025-03-12T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-13T03:22:11.330Z\n\ud83d\udd17 References:\n1. https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=38829\n2. https://koha-community.org/koha-24-11-02-released/", "creation_timestamp": "2025-03-13T03:44:00.000000Z"}, {"uuid": "dd719e34-c881-419b-af79-c1e08128e94d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22953", "type": "published-proof-of-concept", "source": "https://t.me/cKure/14509", "content": "\ud83d\udea8Zero-Day: EPICOR HCM Unauthenticated Blind SQL Injection CVE-2025-22953.\n\nhttps://tinted-hollyhock-92d.notion.site/EPICOR-HCM-Unauthenticated-Blind-SQL-Injection-CVE-2025-22953-170f1fdee211803988d1c9255a8cb904", "creation_timestamp": "2025-04-11T16:25:10.000000Z"}, {"uuid": "8122b94a-f862-4847-9c20-2c901039144d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22952", "type": "seen", "source": "https://t.me/cvedetector/19091", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-22952 - Elestio Memos SSRF Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-22952 \nPublished : Feb. 27, 2025, 8:16 p.m. | 1\u00a0hour, 21\u00a0minutes ago \nDescription : elestio memos v0.23.0 is vulnerable to Server-Side Request Forgery (SSRF) due to insufficient validation of user-supplied URLs, which can be exploited to perform SSRF attacks. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"27 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-27T23:27:09.000000Z"}, {"uuid": "be7fc79d-31af-41ce-805e-26b9675795dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2295", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/7641", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-2295\n\ud83d\udd25 CVSS Score: 3.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:L)\n\ud83d\udd39 Description: EDK2 contains a vulnerability in BIOS where a user may cause an Integer Overflow or Wraparound by network means. A successful exploitation of this vulnerability may lead to denial of service.\n\ud83d\udccf Published: 2025-03-14T21:35:10.484Z\n\ud83d\udccf Modified: 2025-03-14T21:35:10.484Z\n\ud83d\udd17 References:\n1. https://github.com/tianocore/edk2/security/advisories/GHSA-8522-69fh-w74x", "creation_timestamp": "2025-03-14T21:44:50.000000Z"}, {"uuid": "43502f67-53b0-47f8-a8ca-aa470a6fba09", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22957", "type": "seen", "source": "https://t.me/cvedetector/16958", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-22957 - ZZCMS SQL Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-22957 \nPublished : Jan. 31, 2025, 5:15 p.m. | 46\u00a0minutes ago \nDescription : A SQL injection vulnerability exists in the front-end of the website in ZZCMS <=\nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"31 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-31T19:34:14.000000Z"}, {"uuid": "957a8397-376c-4244-bfc5-30204876a7c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22954", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/20830", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aKoha CVE-2025-22954: SQL Injection in lateissues-export.pl\nURL\uff1ahttps://github.com/RandomRobbieBF/CVE-2025-22954\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-03-19T10:51:22.000000Z"}, {"uuid": "76dfb475-3c10-4808-bf3b-e37236429882", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22953", "type": "seen", "source": "https://t.me/cvedetector/21486", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-22953 - Epicor HCM SQL Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-22953 \nPublished : March 28, 2025, 9:15 p.m. | 1\u00a0hour, 31\u00a0minutes ago \nDescription : A SQL injection vulnerability exists in the Epicor HCM 2021 1.9, specifically in the filter parameter of the JsonFetcher.svc endpoint. An attacker can exploit this vulnerability by injecting malicious SQL payloads into the filter parameter, enabling the unauthorized execution of arbitrary SQL commands on the backend database. If certain features (like xp_cmdshell) are enabled, this may lead to remote code execution. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"28 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-29T00:27:05.000000Z"}, {"uuid": "a9461642-7952-45c3-b72f-fe37ca6aed53", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2295", "type": "seen", "source": "https://t.me/cvedetector/20346", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-2295 - EDK2 BIOS Integer Overflow Denial of Service\", \n  \"Content\": \"CVE ID : CVE-2025-2295 \nPublished : March 14, 2025, 10:15 p.m. | 1\u00a0hour, 24\u00a0minutes ago \nDescription : EDK2 contains a vulnerability in BIOS where a user may cause an Integer Overflow or Wraparound by network means. A successful exploitation of this vulnerability may lead to denial of service. \nSeverity: 3.5 | LOW \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"15 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-15T01:04:36.000000Z"}, {"uuid": "e213d3e5-9bb9-4349-979f-1f6f594d3326", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22953", "type": "published-proof-of-concept", "source": "Telegram/L3OQWyFXIDuBTb5X7IVK8qlZIFeWgBwzmFWxcaWItD6ixjM", "content": "", "creation_timestamp": "2025-03-26T16:00:08.000000Z"}, {"uuid": "93d4e666-a0cc-4189-9e5c-85ff35f0a25d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22954", "type": "published-proof-of-concept", "source": "Telegram/9N8mHD7mWBsKeVZEOYTx-v53JFBxxjYSVzH76Lui5Pa0DYw", "content": "", "creation_timestamp": "2025-03-19T16:00:07.000000Z"}, {"uuid": "f02881aa-3402-4bd7-a938-efa90b105af6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22953", "type": "published-proof-of-concept", "source": "Telegram/Oj1Gm0LSQ6zMYq9CDOc6JWlWhSvAkbg9hPN2p7tpqu4VtaY", "content": "", "creation_timestamp": "2025-03-25T22:00:06.000000Z"}]}