5 matches found
CVE-2025-9929
The CVE-2025-9929 entry concerns Code-Projects Responsive Blog Site 1.0. A vulnerability in blogs_view.php arises from improper manipulation of the parameters product_code, gen_name, product_name, and supplier, enabling cross-site scripting. The issue appears exploitable remotely and an exploit h...
CVE-2025-7167
The CVE-2025-7167 entry concerns code-projects Responsive Blog Site 1.0. The affected component is the file /category.php where the manipulation of the ID parameter enables an SQL injection. This vulnerability is exploitable remotely and, per multiple sources, the exploit has been disclosed publi...
CVE-2025-6353
CVE-2025-6353 affects code-projects Responsive Blog 1.0. Affected component: the /search.php function where manipulating the keyword/argument parameter leads to cross-site scripting. Exploitation is remote and has been publicly disclosed; multiple sources corroborate a code path enabling XSS. The...
CVE-2025-7166
CVE-2025-7166 affects the code-projects Responsive Blog Site 1.0, with vulnerability in an unknown part of /single.php where manipulating the ID parameter leads to SQL injection. Multiple connected sources describe remote exploitation and public disclosure, implying exploitability in practice. Th...
CVE-2025-6347
CVE-2025-6347 affects code-projects Responsive Blog (versions 1.0, 1.12.4, 3.3.4). The vulnerability is a cross-site scripting flaw in /responsive/resblog/blogadmin/admin/pageViewMembers.php, with remote exploitation and publicly disclosed exploits. Multiple sources in the provided documents corr...