CVE-2025-6173 – Webkul QloApps SQL Injection

June 17, 2025

CVE ID : CVE-2025-6173

Published : June 17, 2025, 7:15 a.m. | 3 hours, 10 minutes ago

Description : A vulnerability classified as critical was found in Webkul QloApps 1.6.1. Affected by this vulnerability is an unknown functionality of the file /admin/ajax_products_list.php. The manipulation of the argument packItself leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor confirms the existence of this flaw but considers it a low-level issue due to admin privilege pre-requisites. Still, a fix is planned for a future release.

Severity: 4.7 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-40674 – osCommerce Reflected Cross-Site Scripting (XSS)

Next Article CVE-2025-6167 – Themanojdesai Python-A2A Path Traversal Vulnerability

Upwork Freelancers vs Dedicated React.js Teams: What’s Better for Your Project in 2025?

Is Agile dead in the age of AI?

Top 15 Enterprise Use Cases That Justify Hiring Node.js Developers in 2025

The Core Model: Start FROM The Answer, Not WITH The Solution

Finally, a sleek gaming laptop I can take to the office (without sacrificing power)

These jobs face the highest risk of AI takeover, according to Microsoft

Apple’s tariff costs and iPhone sales are soaring – how long until device prices are too?

5 ways to successfully integrate AI agents into your workplace

Write Faster With WordPress’ Shortcodes

Write Faster With WordPress’ Shortcodes

Build, Run, and Integrate Your Own LLM with Ollama

How to install IoT platform — Total.js

YouTube wants to use AI to treat “teens as teens and adults as adults” — with the most age-appropriate experiences and protections

YouTube wants to use AI to treat “teens as teens and adults as adults” — with the most age-appropriate experiences and protections

Sam Altman is afraid of OpenAI’s GPT-5 creation — “The Manhattan Project feels very fast, like there are no adults in the room”

9 new features that arrived on the Windows 11 Insider Program during the second half of July 2025

CVE-2025-6173 – Webkul QloApps SQL Injection

This month in security with Tony Anscombe – July 2025 edition

WordPress AI Engine Plugin Bug Allows Remote Code Execution – Update Now

CVE-2025-5975 – PHPGurukul Rail Pass Management System Cross Site Scripting Vulnerability

CVE-2025-52883 – Meshtastic-Android PKC Impersonation Vulnerability

SpotBugs Access Token Theft Identified as Root Cause of GitHub Supply Chain Attack

DistroWatch Weekly, Issue 1122

Accelerate generative AI inference with NVIDIA Dynamo and Amazon EKS

CVE-2025-6222 – “WooCommerce Refund And Exchange with RMA – Warranty Management, Refund Policy, Manage User Wallet Arbitrary File Upload Vulnerability”

Rilasciato Wine 10.10: Risolti problemi in Steam, F.E.A.R. e altri giochi

Windows 11 Firewall with Advanced Security flags up errors in “under development” code — but it’s nothing to worry about

CVE-2025-6173 – Webkul QloApps SQL Injection

Related Posts