CVE-2025-6005
BaseFortify
Publication date: 2025-06-12
Last updated on: 2026-04-29
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| kicode111 | like-girl | 5.2.0 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-89 | The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data. |
| CWE-74 | The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-6005 is a critical SQL injection vulnerability in the like-girl version 5.2.0 software, specifically in the file /admin/aboutPost.php. The vulnerability occurs because user-controllable input parameters such as 'title' and others are directly concatenated into SQL queries without proper sanitization or parameterization. This allows an attacker to inject malicious SQL code remotely, potentially compromising the backend database by manipulating or extracting data. [1, 2, 3]
How can this vulnerability impact me? :
This vulnerability can allow attackers to execute arbitrary SQL commands on the backend database, leading to potential data leakage, unauthorized data modification, and disruption of system availability. Exploitation affects the confidentiality, integrity, and availability of the system. Although exploitation requires authentication, it can be performed remotely and is considered easy with publicly available proof-of-concept exploits. [2, 3]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by crafting a POST request to /admin/aboutPost.php with the vulnerable parameters such as 'title' and others, and then using a SQL injection detection tool like sqlmap. For example, you can capture a valid HTTP request in a file (e.g., test.txt) and run the command: python sqlmap.py -r test.txt --level 5 --risk 3 --dbms=mysql --random-agent. Additionally, vulnerable targets can be discovered using Google dorking with the query: inurl:admin/aboutPost.php. [2, 3]
What immediate steps should I take to mitigate this vulnerability?
No known countermeasures or mitigations are currently available for this vulnerability. The vendor did not respond to the disclosure. Immediate steps include restricting access to the vulnerable admin interface, monitoring for suspicious activity, and considering replacement with an alternative product. Applying proper input sanitization and parameterized queries in the source code would be ideal but requires vendor action. [3]