CVE-2025-11606 MEDIUM

CVE-2025-11606: iPynch Social Network Website Search sql injection

Vendor Ipynch

Product Social Network Website

Weakness CWE-89 · SQLi

Published October 11, 2025

Last update October 14, 2025

View on NVD All CVEs

CVSS base score

5.3/10

Attack vector Network

Attack complexity Low

Privileges required Low

User interaction None

Confidentiality —

Integrity —

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

What the vulnerability does

01Description

A security flaw has been discovered in iPynch Social Network Website up to b6933b6d7f82c84819abe458ccf0e59d61119541. The affected element is an unknown function of the component Search. Performing manipulation results in sql injection. The attack is possible to be carried out remotely. The exploit has been released to the public and may be exploited. This product adopts a rolling release strategy to maintain continuous delivery

Key dates

02Disclosure timeline

October 11, 2025 CVE published

October 14, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2025-11606

Related vulnerabilities

Identifiers

CVE CVE-2025-11606

CWE CWE-89

CVSS 5.3 / MEDIUM

Affected versions