7698 matches found
CVE-2026-5646 code-projects Easy Blog Site login.php sql injection
A security vulnerability has been detected in code-projects Easy Blog Site 1.0. Affected by this issue is some unknown functionality of the file login.php. The manipulation of the argument username/password leads to sql injection. The attack may be initiated remotely. The exploit has been disclos...
CVE-2026-5646
Vulnerability CVE-2026-5646 affects code-projects Easy Blog Site 1.0, specifically the login.php file. The issue arises from manipulating the username/password parameters, leading to a SQL injection in a function handling authentication. Attack vector is network remote, with low attack complexity...
CVE-2026-5646
A security vulnerability has been detected in code-projects Easy Blog Site 1.0. Affected by this issue is some unknown functionality of the file login.php. The manipulation of the argument username/password leads to sql injection. The attack may be initiated remotely. The exploit has been disclos...
PT-2026-30596
Name of the Vulnerable Software and Affected Versions: Easy Blog Site version 1.0
Description: A security issue exists in Easy Blog Site 1.0 related to the login functionality within the login.php file. Manipulation of the username and password arguments can lead to SQL injection. The attack can be...
CI4MS Cross-Site Scripting Vulnerability
CI4MS is an open-source blog page management tool developed by Ci4MS. Versions of CI4MS prior to 31.0.0.0 contained a cross-site scripting vulnerability. This vulnerability stemmed from the failure to properly clean user-controlled input when users updated their profile names, which could lead to...
Code-Projects Blog Site SQL Injection Vulnerability
Code-Projects Blog Site is an open-source blog system developed by Code-Projects. Version 1.0 of Code-Projects Blog Site has a SQL injection vulnerability. This vulnerability stems from incorrect handling of parameters username and password in the login.php file, which may lead to SQL injection...
CVE-2026-39306

| creationtimestamp | type | source |
|---|---|---|
| 2026-04-05 04:59:45+00:00 | published-proof-of-concept | https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-4rx4-4r3x-6534 |
| 2026-04-07 19:34:21+00:00 | seen | Telegram/OYPeMWdUc2Y5vftMssiNoDYA806NyVd6-qxnWxvkgzfQI |
| 2026-04-16 08:37:07+00:00 | ...

CVE-2026-39307

| creationtimestamp | type | source |
|---|---|---|
| 2026-04-05 04:59:42+00:00 | published-proof-of-concept | https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-4ph2-f6pf-79wv |
| 2026-04-07 19:34:21+00:00 | seen | Telegram/OYPeMWdUc2Y5vftMssiNoDYA806NyVd6-qxnWxvkgzfQI |
| 2026-04-16 03:37:07+00:00 | ...

SQL Injection
baserCMS is vulnerable to SQL injection. The vulnerability is due to insufficient input validation in the blog post functionality, where malicious SQL may be executed in blog posts and attackers can inject crafted SQL statements to manipulate the database...
CVE-2025-70027

| creationtimestamp | type | source |
|---|---|---|
| 2026-04-04 00:20:09+00:00 | seen | https://bsky.app/profile/cyberhub.blog/post/3mimxmq4mqn2i...

CVE-2026-3971

| creationtimestamp | type | source |
|---|---|---|
| 2026-04-03 01:20:09+00:00 | seen | https://bsky.app/profile/cyberhub.blog/post/3mikkj3j7tb2a...

CVE-2026-34567
CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to version 0.31.0.0, the application fails to properly sanitize user-controlled input when creating or editing blog posts within the Categories...
CVE-2026-34568
CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to version 0.31.0.0, the application fails to properly sanitize user-controlled input when creating or editing blog posts. An attacker can inject a...
CVE-2026-34569
CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to version 0.31.0.0, the application fails to properly sanitize user-controlled input when creating or editing blog categories. An attacker can injec...
CVE-2026-34717

| creationtimestamp | type | source |
|---|---|---|
| 2026-04-02 19:27:20+00:00 | published-proof-of-concept | Telegram/zJs9VhJAI5JOvrL4hzeWnrOleMDgHArbbwhOuzjaL80cudA |
| 2026-04-21 02:07:08+00:00 | seen | https://bsky.app/profile/cyberhub.blog/post/3mjxvjoeqzj2y...

CVE-2026-34790

| creationtimestamp | type | source |
|---|---|---|
| 2026-04-02 17:37:38+00:00 | seen | Telegram/s8qY890P48N3Wo9aQa8rI-zenhf5cWovFj-1HEcEoggzt84 |
| 2026-04-08 07:20:09+00:00 | seen | https://bsky.app/profile/cyberhub.blog/post/3mixqxgjfg72r...

Unmasking the Paramilitary Agents Behind Trump’s Violent Immigration Crackdown
A WIRED analysis of DHS records identified dozens of specialized federal agents who used force against US civilians during the largest known deployment of its kind in US history...