CVE-2025-5402

CVE-2025-5402 affects chaitak-gorai Blogbook. The vulnerable component is the GET Parameter Handler in the file /admin/includes/edit_post.php, where manipulating the edit_post_id parameter leads to SQL injection. Exploitation is described as possible remotely and publicly disclosed. Several sourc...

CVE-2025-5401 chaitak-gorai Blogbook GET Parameter post.php sql injection

A vulnerability was found in chaitak-gorai Blogbook up to 92f5cf90f8a7e6566b576fe0952e14e1c6736513. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /post.php of the component GET Parameter Handler. The manipulation of the argument pid leads...

CVE-2025-5401

CVE-2025-5401 affects chaitak-gorai Blogbook (up to 92f5cf90f8a7e6566b576fe0952e14e1c6736513). The vulnerability lies in the GET Parameter Handler for /post.php, where manipulating the p_id parameter enables SQL injection. Exploitation is possible remotely and has been publicly disclosed. No fixe...

CVE-2025-5401 chaitak-gorai Blogbook GET Parameter post.php sql injection

A vulnerability was found in chaitak-gorai Blogbook up to 92f5cf90f8a7e6566b576fe0952e14e1c6736513. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /post.php of the component GET Parameter Handler. The manipulation of the argument pid leads...

CVE-2025-5400

A vulnerability was found in chaitak-gorai Blogbook up to 92f5cf90f8a7e6566b576fe0952e14e1c6736513. It has been classified as critical. Affected is an unknown function of the file /user.php of the component GET Parameter Handler. The manipulation of the argument uid leads to sql injection. It is...

PT-2025-23429 · Unknown · Chaitak-Gorai Blogbook

Name of the Vulnerable Software and Affected Versions: chaitak-gorai Blogbook versions up to 92f5cf90f8a7e6566b576fe0952e14e1c6736513 Description: A critical issue affects some unknown functionality of the file /admin/includes/edit post.php of the component GET Parameter Handler. The manipulation...

PT-2025-23430 · Unknown · Chaitak-Gorai Blogbook

Name of the Vulnerable Software and Affected Versions: chaitak-gorai Blogbook affected versions not specified Description: A critical vulnerability has been found in chaitak-gorai Blogbook. The issue affects the GET Parameter Handler component, specifically the post id argument in the /admin/view...

PT-2025-23427 · Unknown · Chaitak-Gorai Blogbook

Name of the Vulnerable Software and Affected Versions: Chaitak-gorai Blogbook versions up to 92f5cf90f8a7e6566b576fe0952e14e1c6736513 Description: A critical vulnerability was found in Chaitak-gorai Blogbook, affecting an unknown functionality of the file /post.php of the component GET Parameter...

CVE-2024-9093

A vulnerability classified as critical has been found in SourceCodester Profile Registration without Reload Refresh 1.0. This affects an unknown part of the file del.php of the component GET Parameter Handler. The manipulation of the argument list leads to sql injection. It is possible to initiat...

CVE-2024-4817

A vulnerability has been found in Campcodes Online Laundry Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file manageuser.php of the component HTTP Request Parameter Handler. The manipulation of the argument id leads to improper control of resourc...

CVE-2024-0303

A vulnerability, which was classified as critical, was found in Youke365 up to 1.5.3. Affected is an unknown function of the file /app/api/controller/caiji.php of the component Parameter Handler. The manipulation of the argument url leads to server-side request forgery. It is possible to launch t...

CVE-2024-8408

A vulnerability was found in Linksys WRT54G 4.21.5. It has been rated as critical. Affected by this issue is the function validateservicesport of the file /apply.cgi of the component POST Parameter Handler. The manipulation of the argument servicesarray leads to stack-based buffer overflow. The...

CVE-2023-0515

A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0 and classified as critical. This issue affects some unknown processing of the file admin/forgetpassword.php of the component Parameter Handler. The manipulation of the argument email leads to sql injection. T...

CVE-2023-0283

A vulnerability classified as critical has been found in SourceCodester Online Flight Booking Management System. This affects an unknown part of the file reviewsearch.php of the component POST Parameter Handler. The manipulation of the argument txtsearch leads to sql injection. It is possible to...

CVE-2023-4974

A vulnerability was found in Academy LMS 6.2. It has been rated as critical. Affected by this issue is some unknown functionality of the file /academy/tutor/filter of the component GET Parameter Handler. The manipulation of the argument pricemin/pricemax leads to sql injection. The attack may be...

CVE-2023-3795

A vulnerability classified as critical was found in Bug Finder ChainCity Real Estate Investment Platform 1.0. Affected by this vulnerability is an unknown functionality of the file /property of the component GET Parameter Handler. The manipulation of the argument name leads to sql injection. The...

CVE-2023-3539

A vulnerability, which was classified as problematic, has been found in SimplePHPscripts Simple Forum PHP 2.7. This issue affects some unknown processing of the file /preview.php of the component URL Parameter Handler. The manipulation leads to cross site scripting. The attack may be initiated...

CVE-2023-3535

A vulnerability was found in SimplePHPscripts FAQ Script PHP 2.3. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /preview.php of the component URL Parameter Handler. The manipulation leads to cross site scripting. The attack can be...

CVE-2023-3464

A vulnerability was found in SimplePHPscripts Classified Ads Script 1.8. It has been classified as problematic. Affected is an unknown function of the file /preview.php of the component URL Parameter Handler. The manipulation of the argument p leads to cross site scripting. It is possible to laun...

CVE-2023-2814

A vulnerability classified as problematic has been found in SourceCodester Class Scheduling System 1.0. Affected is an unknown function of the file /admin/saveteacher.php of the component POST Parameter Handler. The manipulation of the argument AcademicRank leads to cross site scripting. It is...