CVE-2026-5805 code-projects Easy Blog Site contact_us.php sql injection

A weakness has been identified in code-projects Easy Blog Site up to 1.0. The impacted element is an unknown function of the file /users/contactus.php. Executing a manipulation of the argument Name can lead to sql injection. The attack can be launched remotely. The exploit has been made available...

Code-Projects Blog Site SQL注入漏洞

Code-Projects Blog Site is an open-source blog system developed by Code-Projects. Version 1.0 of Code-Projects Blog Site has a SQL injection vulnerability. This vulnerability stems from incorrect handling of parameters username and password in the login.php file, which may lead to SQL injection...

CVE-2025-13576

Blog Site 1.0 is affected by CVE-2025-13576 due to improper authorization in the admin.php file. The vulnerability arises from an unclear/unknown function in /admin.php that can be manipulated to bypass authorization, enabling remote exploitation. Multiple endpoints are affected, and exploitation...

CVE-2025-13576 code-projects Blog Site admin.php improper authorization

A vulnerability was detected in code-projects Blog Site 1.0. The affected element is an unknown function of the file /admin.php. Performing manipulation results in improper authorization. It is possible to initiate the attack remotely. The exploit is now public and may be used. Multiple endpoints...

CVE-2025-13576 code-projects Blog Site admin.php improper authorization

A vulnerability was detected in code-projects Blog Site 1.0. The affected element is an unknown function of the file /admin.php. Performing manipulation results in improper authorization. It is possible to initiate the attack remotely. The exploit is now public and may be used. Multiple endpoints...

CVE-2025-13575 code-projects Blog Site Category blog.php category_exists sql injection

A security vulnerability has been detected in code-projects Blog Site 1.0. Impacted is the function categoryexists of the file /resources/functions/blog.php of the component Category Handler. Such manipulation of the argument name/field leads to sql injection. The attack may be performed from...

PT-2025-47870

A vulnerability was detected in code-projects Blog Site 1.0. The affected element is an unknown function of the file /admin.php. Performing manipulation results in improper authorization. It is possible to initiate the attack remotely. The exploit is now public and may be used. Multiple endpoints...

CVE-2025-9929

The CVE-2025-9929 entry concerns Code-Projects Responsive Blog Site 1.0. A vulnerability in blogs_view.php arises from improper manipulation of the parameters product_code, gen_name, product_name, and supplier, enabling cross-site scripting. The issue appears exploitable remotely and an exploit h...

Code-Projects Responsive Blog Site 注入漏洞

Code-Projects Responsive Blog Site is a responsive blog site from Code-Projects open source. An injection vulnerability exists in Code-Projects Responsive Blog Site version 1.0, which stems from an incorrect manipulation of the parameter ID in the file /single.php resulting in SQL injection...

Code-Projects Responsive Blog Site 注入漏洞

Code-Projects Responsive Blog Site is a responsive blog site from Code-Projects open source. Code-Projects Responsive Blog Site version 1.0 suffers from an injection vulnerability that stems from SQL injection due to incorrect manipulation of the parameter ID in the file /category.php...