CVE-2025-6005 – “kiCode111 like-girl SQL Injection”

June 12, 2025

CVE ID : CVE-2025-6005

Published : June 12, 2025, 2:15 a.m. | 2 hours, 57 minutes ago

Description : A vulnerability classified as critical was found in kiCode111 like-girl 5.2.0. This vulnerability affects unknown code of the file /admin/aboutPost.php. The manipulation of the argument title/aboutimg/info1/info2/info3/btn1/btn2/infox1/infox2/infox3/infox4/infox5/infox6/btnx2/infof1/infof2/infof3/infof4/btnf3/infod1/infod2/infod3/infod4/infod5 leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 4.7 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2023-36636 – Apache HTTP Server File Inclusion

Next Article CVE-2025-6008 – KiCode111 like-girl SQL Injection Vulnerability

Highlights

CVE-2025-5287 – WordPress Likes and Dislikes Plugin SQL Injection

May 28, 2025

CVE ID : CVE-2025-5287

Published : May 28, 2025, 9:15 a.m. | 2 hours, 20 minutes ago

Description : The Likes and Dislikes Plugin plugin for WordPress is vulnerable to SQL Injection via the ‘post’ parameter in all versions up to, and including, 1.0.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

Severity: 7.5 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Web Components: Working With Shadow DOM

Google’s new Opal tool allows users to create mini AI apps with no coding required

Designing Better UX For Left-Handed People

This week in AI dev tools: Gemini 2.5 Flash-Lite, GitLab Duo Agent Platform beta, and more (July 25, 2025)

Microsoft wants you to chat with its browser now – but can you trust this Copilot?

I tested the Dell XPS’ successor – here are the biggest upgrades (and what’s the same)

I’m a Linux pro – here are my top 5 command line backup tools for desktops and servers

Should you buy a refurbished iPad? I tried one from Back Market and here’s my verdict

elegantweb/sanitizer

elegantweb/sanitizer

Streamlined String Encryption with Laravel’s Fluent Methods

Resume PHP

Gamers bypass UK age verification with Death Stranding — no real face or VPN required

Gamers bypass UK age verification with Death Stranding — no real face or VPN required

New Xbox games launching this week, from July 28 through August 3 — Grounded 2 arrives on Xbox Game Pass

TikTok’s owner forked Microsoft’s Visual Studio Code and concerns have been raised — reports suggest it’s resource heavy and never stops ‘phoning home’

CVE-2025-6005 – “kiCode111 like-girl SQL Injection”

Tea Dating Advice app spills sensitive data

Critical Flaws in Niagara Framework Threaten Smart Buildings and Industrial Systems Worldwide

Managed Payroll Services for Hospitality

CVE-2025-6865 – DaiCuo Cross-Site Request Forgery (CSRF) Vulnerability

CVE-2025-5710 – “Code-projects Real Estate Property Management System SQL Injection Vulnerability”

Dune: Awakening is already making big waves before it’s even fully released

CVE-2025-5287 – WordPress Likes and Dislikes Plugin SQL Injection

We’re expanding our Gemini 2.5 family of models

CVE-2025-4544 – D-Link DI-8100 Jhttpd Stack-Based Buffer Overflow Vulnerability

10 Best Free and Open Source Linux Document Processors

CVE-2025-6005 – “kiCode111 like-girl SQL Injection”

Related Posts