CVE-2025-13576 code-projects Blog Site admin.php improper authorization

A vulnerability was detected in code-projects Blog Site 1.0. The affected element is an unknown function of the file /admin.php. Performing manipulation results in improper authorization. It is possible to initiate the attack remotely. The exploit is now public and may be used. Multiple endpoints...

EUVD-2025-198595

A vulnerability was detected in code-projects Blog Site 1.0. The affected element is an unknown function of the file /admin.php. Performing manipulation results in improper authorization. It is possible to initiate the attack remotely. The exploit is now public and may be used. Multiple endpoints...

CVE-2025-13575

CVE-2025-13575 affects code-projects Blog Site 1.0. The vulnerability is in the function category_exists in /resources/functions/blog.php (Category Handler). The issue arises from manipulation of the argument name/field, enabling SQL injection. The attack can be performed remotely and the exploit...

CVE-2025-13575 code-projects Blog Site Category blog.php category_exists sql injection

A security vulnerability has been detected in code-projects Blog Site 1.0. Impacted is the function categoryexists of the file /resources/functions/blog.php of the component Category Handler. Such manipulation of the argument name/field leads to sql injection. The attack may be performed from...

EUVD-2025-198596

A security vulnerability has been detected in code-projects Blog Site 1.0. Impacted is the function categoryexists of the file /resources/functions/blog.php of the component Category Handler. Such manipulation of the argument name/field leads to sql injection. The attack may be performed from...

CVE-2025-13575 code-projects Blog Site Category blog.php category_exists sql injection

A security vulnerability has been detected in code-projects Blog Site 1.0. Impacted is the function categoryexists of the file /resources/functions/blog.php of the component Category Handler. Such manipulation of the argument name/field leads to sql injection. The attack may be performed from...

PT-2025-47869

A security vulnerability has been detected in code-projects Blog Site 1.0. Impacted is the function category exists of the file /resources/functions/blog.php of the component Category Handler. Such manipulation of the argument name/field leads to sql injection. The attack may be performed from...

Code-Projects Blog Site SQL注入漏洞

Blog Site is a blogging system. Blog Site suffers from an SQL injection vulnerability that originates from the lack of validation of the name/field parameter in the file /resources/functions/blog.php for externally typed SQL statements. An attacker can exploit this vulnerability to execute illega...

PT-2025-47870

A vulnerability was detected in code-projects Blog Site 1.0. The affected element is an unknown function of the file /admin.php. Performing manipulation results in improper authorization. It is possible to initiate the attack remotely. The exploit is now public and may be used. Multiple endpoints...

Code-Projects Blog Site 授权问题漏洞

Blog Site is a blogging system. Blog Site suffers from an improper authorization vulnerability that originates in the file /admin.php, which can be exploited by an attacker to compromise confidentiality, integrity, and availability...

Friday Squid Blogging: New “Squid” Sneaker

I did not know Adidas sold a sneaker called "Squid." As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Blog moderation policy...

Distributed Edge Inference Changes Everything

...

Bot Management for the Agentic Era

Learn how bot management is evolving in the age of AI agents, with new authentication standards, monetization models, and ways to manage AI-driven automation...

When the Internet Fails Again, Will You Survive a DDoS Attack?

...

What We Do In The Shadow (AI): New Malware Strain Vamps Up

...

From Data Loss Prevention (DLP) to Modern Data Security

It’s time to rethink your approach...

CVE-2025-59499

creationtimestamp| type| source ---|---|--- 2025-11-11 17:30:42+00:00| seen| https://www.thezdi.com/blog/2025/11/11/the-november-2025-security-update-review 2025-11-11 20:25:55+00:00| seen| https://bsky.app/profile/jos1264.social.skynetcloud.site.ap.brid.gy/post/3m5extb6maxi2 2025-11-11...

CVE-2025-30398

creationtimestamp| type| source ---|---|--- 2025-11-11 17:30:42+00:00| seen| https://www.thezdi.com/blog/2025/11/11/the-november-2025-security-update-review 2025-11-11 20:27:01+00:00| seen| https://bsky.app/profile/jos1264.social.skynetcloud.site.ap.brid.gy/post/3m5exuamtavv2 2025-11-11...

CVE-2025-62201

creationtimestamp| type| source ---|---|--- 2025-11-11 17:30:42+00:00| seen| https://www.thezdi.com/blog/2025/11/11/the-november-2025-security-update-review 2025-11-11 17:31:27+00:00| seen| https://advisories.ncsc.nl/advisory?id=NCSC-2025-0359 2025-11-12 08:09:14+00:00| seen|...

CVE-2025-59509

creationtimestamp| type| source ---|---|--- 2025-11-11 17:29:38+00:00| seen| https://advisories.ncsc.nl/advisory?id=NCSC-2025-0358 2025-11-11 17:30:42+00:00| seen| https://www.thezdi.com/blog/2025/11/11/the-november-2025-security-update-review...