CVE-2025-6006 – kiCode111 like-girl SQL Injection Vulnerability

June 12, 2025

CVE ID : CVE-2025-6006

Published : June 12, 2025, 2:15 a.m. | 2 hours, 57 minutes ago

Description : A vulnerability, which was classified as critical, has been found in kiCode111 like-girl 5.2.0. This issue affects some unknown processing of the file /admin/ImgUpdaPost.php. The manipulation of the argument id/imgText/imgDatd/imgUrl leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 4.7 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-6007 – “kiCode111 like-girl SQL Injection Vulnerability”

Next Article Urgent GitLab Security Alert: High-Severity Flaws Allow Account Takeover & Code Injection!

Highlights

CVE-2025-6776 – Xiaoyunjie OpenVPN-CMS-Flask Remote Path Traversal

June 27, 2025

CVE ID : CVE-2025-6776

Published : June 27, 2025, 8:15 p.m. | 2 hours, 2 minutes ago

Description : A vulnerability classified as critical was found in xiaoyunjie openvpn-cms-flask up to 1.2.7. This vulnerability affects the function Upload of the file app/plugins/oss/app/controller.py of the component File Upload. The manipulation of the argument image leads to path traversal. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.2.8 is able to address this issue. The name of the patch is e23559b98c8ea2957f09978c29f4e512ba789eb6. It is recommended to upgrade the affected component.

Severity: 7.3 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CodeSOD: A Unique Way to Primary Key

BrowserStack launches Figma plugin for detecting accessibility issues in design phase

Parasoft brings agentic AI to service virtualization in latest release

Node.js vs. Python for Backend: 7 Reasons C-Level Leaders Choose Node.js Talent

The best CRM software with email marketing in 2025: Expert tested and reviewed

This multi-port car charger can power 4 gadgets at once – and it’s surprisingly cheap

I’m a wearables editor and here are the 7 Pixel Watch 4 rumors I’m most curious about

8 ways I quickly leveled up my Linux skills – and you can too

The Intersection of Agile and Accessibility – A Series on Designing for Everyone

The Intersection of Agile and Accessibility – A Series on Designing for Everyone

Zero Trust & Cybersecurity Mesh: Your Org’s Survival Guide

Execute Ping Commands and Get Back Structured Data in PHP

A Tomb Raider composer has been jailed — His legacy overshadowed by $75k+ in loan fraud

A Tomb Raider composer has been jailed — His legacy overshadowed by $75k+ in loan fraud

“I don’t think I changed his mind” — NVIDIA CEO comments on H20 AI GPU sales resuming in China following a meeting with President Trump

Galaxy Z Fold 7 review: Six years later — Samsung finally cracks the foldable code

CVE-2025-6006 – kiCode111 like-girl SQL Injection Vulnerability

CVE-2025-44658 – Netgear RAX30 PHP-FPM Misconfigured Extension Bypass Vulnerability

CVE-2025-7393 – Drupal Mail Login Authentication Bypass

CVE-2025-47669 – Sabuj Kundu CBX Map for Google Map & OpenStreetMap Cross-site Scripting

How I used ChatGPT to analyze my massive Kindle library – and the mysteries it revealed

An In-Depth Guide to Firecrawl Playground: Exploring Scrape, Crawl, Map, and Extract Features for Smarter Web Data Extraction

CVE-2025-43950 – “Microsoft DPMAdirektPro DLL Hijacking Privilege Escalation Vulnerability”

CVE-2025-6776 – Xiaoyunjie OpenVPN-CMS-Flask Remote Path Traversal

Evaluating potential cybersecurity threats of advanced AI

Unleashing the Power of AI Functions in Databricks SQL

CVE-2025-48699 – Apache Unintended Exposure

CVE-2025-6006 – kiCode111 like-girl SQL Injection Vulnerability

Related Posts