CVE-2025-22693

Summary

CVE-2025-22693 is a critical SQL Injection vulnerability affecting Contest Gallery from versions n/a through 25.1.0. Hackers can exploit this weakness by introducing malicious SQL commands and gain unauthorized access to the system or manipulate data. This issue arises due to Contest Gallery's improper neutralization of special elements used in SQL commands, making it susceptible to SQL Injection attacks. Successful exploitation may lead to serious consequences, including data theft, account takeover, and even system compromise. It is strongly advised that users of Contest Gallery upgrade to a secure version as soon as possible to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.