CVE-2025-13575

A security vulnerability has been detected in code-projects Blog Site 1.0. Impacted is the function categoryexists of the file /resources/functions/blog.php of the component Category Handler. Such manipulation of the argument name/field leads to sql injection. The attack may be performed from...

CVE-2025-13576

A vulnerability was detected in code-projects Blog Site 1.0. The affected element is an unknown function of the file /admin.php. Performing manipulation results in improper authorization. It is possible to initiate the attack remotely. The exploit is now public and may be used. Multiple endpoints...

Blog Site 1.0 SQL Injection

Titles: blog-site-1.0 Multiple-SQLi Author: nu11secur1ty Date: 07/29/2024 Vendor: https://github.com/oretnom23 Software: https://www.sourcecodester.com/php/14442/blog-site-using-phpmysql.html Reference: https://portswigger.net/web-security/sql-injection Description: The id parameter appears to be...

CVE-2023-23019

Cross site scripting XSS vulnerability in file main.php in sourcecodester oretnom23 Blog Site 1.0 via the name and email parameters to function useradd....

CVE-2023-23019

Cross site scripting XSS vulnerability in file main.php in sourcecodester oretnom23 Blog Site 1.0 via the name and email parameters to function useradd....