PT-2025-4533 · Unknown · Ofek Nakar Virtual Bot

Caesar Evan Santoso · Published 2025-01-09 · Updated 2025-01-09 · CVE-2025-22542

CVSS v3.1: 9.3 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L

Name of the Vulnerable Software and Affected Versions

Ofek Nakar Virtual Bot versions prior to 1.0.0

Description

The issue is related to the improper neutralization of special elements used in an SQL command, allowing for Blind SQL Injection. This means an attacker can execute SQL commands without directly seeing the database output, potentially leading to data extraction or modification.

Recommendations

For versions prior to 1.0.0, update to a version that includes a fix for this issue. As a temporary workaround, consider restricting access to SQL commands or implementing additional validation and sanitization for user input to minimize the risk of exploitation.

Fix

SQL injection


Weakness Enumeration

Related Identifiers

CVE-2025-22542

Affected Products

Ofek Nakar Virtual Bot