Vulnerability Description
A security vulnerability has been detected in cameasy Liketea 1.0.0. Impacted is the function list of the file laravel/app/Http/Controllers/Front/StoreController.php of the component API Endpoint. Such manipulation of the argument lng/lat leads to sql injection. The attack may be performed from remote. The exploit has been disclosed publicly and may be used.
CVSS Score
HIGH
Related Weaknesses (CWE)
References
- https://github.com/ictrun/liketea-sql-injection/blob/main/README.md
- https://github.com/ictrun/liketea-sql-injection/blob/main/README.md#proof-of-con
- https://vuldb.com/?ctiid.332349
- https://vuldb.com/?id.332349
- https://vuldb.com/?submit.683659
FAQ
What is CVE-2025-13121?
CVE-2025-13121 is a vulnerability with a CVSS score of 7.3 (HIGH). A security vulnerability has been detected in cameasy Liketea 1.0.0. Impacted is the function list of the file laravel/app/Http/Controllers/Front/StoreController.php of the component API Endpoint. Suc...
How severe is CVE-2025-13121?
CVE-2025-13121 has been rated HIGH with a CVSS base score of 7.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2025-13121?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.