SQL Injection Vulnerability in iPynch Social Network Website
CVE-2025-11606

5.3MEDIUM

Key Information:

Vendor: Ipynch
Status: Social Network Website
Vendor: CVE Published:; 11 October 2025

Badges

👾 Exploit Exists🟡 Public PoC

What is CVE-2025-11606?

A security weakness has been identified in the iPynch Social Network Website, which includes an unknown function within its Search component. This flaw allows for SQL injection attacks to be performed remotely, potentially compromising the security of the system. The exploit has been publicly released, raising concerns about its impact on users. It's important to apply necessary updates or patches as soon as possible to mitigate potential risks associated with this vulnerability.

Affected Version(s)

Social Network Website b6933b6d7f82c84819abe458ccf0e59d61119541

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2025-11606 - Proof of Concept

References

https://vuldb.com/?id.327928

vdb-entry

https://vuldb.com/?ctiid.327928

signaturepermissions-required

https://vuldb.com/?submit.672465

third-party-advisory

CVSS V4

Score:

5.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

🟡
Public PoC available
Oct 11, 2025
👾
Exploit known to exist
Oct 11, 2025
Vulnerability published
Oct 11, 2025
Vulnerability Reserved
Oct 10, 2025

Credit

lianhaorui (VulDB User)

JSON

Ipynch