{"id":43194,"date":"2025-05-23T12:18:04","date_gmt":"2025-05-23T12:18:04","guid":{"rendered":""},"modified":"2025-05-25T23:20:37","modified_gmt":"2025-05-25T23:20:37","slug":"cve-2025-31926-sql-injection-vulnerability-in-lambertgroup-sticky-radio-player","status":"publish","type":"post","link":"https:\/\/www.ameeba.com\/blog\/cve-2025-31926-sql-injection-vulnerability-in-lambertgroup-sticky-radio-player\/","title":{"rendered":"CVE-2025-31926: SQL Injection Vulnerability in LambertGroup Sticky Radio Player<\/strong>"},"content":{"rendered":"

Overview<\/strong><\/p>\n

The cybersecurity world is yet again under a significant threat with the discovery of CVE-2025-31926, a severe SQL Injection vulnerability affecting the LambertGroup Sticky Radio Player. This vulnerability can lead to potential system compromises or data leakage, marking a massive risk for all users of Sticky Radio Player versions up to 3.4.
\nThis vulnerability matters as it presents a severe<\/a> risk to the confidentiality, integrity, and availability of user data. With an SQL Injection<\/a>, attackers can manipulate the system’s SQL queries, giving them the ability to access, modify, or even delete data they’re not supposed to. Given the widespread usage of the Sticky Radio Player<\/a>, this vulnerability could have far-reaching implications if not addressed promptly and correctly.<\/p>\n

Vulnerability Summary<\/strong><\/p>\n

CVE ID: CVE-2025-31926
\nSeverity: High (8.5 CVSS score)
\nAttack Vector: Network
\nPrivileges Required: Low
\nUser Interaction: None
\nImpact: Potential system<\/a> compromise and data leakage.<\/p>\n

Affected Products<\/strong><\/p>

\r\n

\r\n \r\n \"Ameeba\r\n <\/a>\r\n A new way to communicate\r\n <\/h2>\r\n\r\n

\r\n Ameeba Chat is built on encrypted identity, not personal profiles.\r\n <\/p>\r\n\r\n

\r\n Message, call, share files, and coordinate with identities kept separate.\r\n <\/p>\r\n\r\n