top of page
perceptive_background_267k.jpg

A weakness has been identified in code-projects Easy Blog Site up to 1.0. The impacted element is an unknown function of the file /users/contact_us.php. Executi…

Published:

7 April 2026 at 22:00:00

Alert date:

8 April 2026 at 22:09:50

Source:

nvd.nist.gov

Click to open the original link from this advisory

Web Technologies

A SQL injection vulnerability has been identified in code-projects Easy Blog Site version 1.0. The vulnerability exists in the /users/contact_us.php file where manipulation of the 'Name' parameter can lead to SQL injection attacks. The vulnerability can be exploited remotely and public exploits are available. The affected component is an unknown function within the contact form processing. This represents a critical security flaw that could allow attackers to access or manipulate the underlying database.

Technical details

Mitigation steps:

Affected products:

Easy Blog Site

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2026-5805
https://code-projects.org/
https://github.com/ahmadmarz10-hub/CVEsMarz/blob/main/SQL%20Injection%20in%20Easy%20Blog%20Site%20PHP%20name%20Parameter.md
https://vuldb.com/submit/787031
https://vuldb.com/vuln/356243
https://vuldb.com/vuln/356243/cti

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Disclaimer: Deze website toont informatie afkomstig van externe bronnen. Perceptive aanvaardt geen verantwoordelijkheid voor de inhoud, juistheid of volledigheid van deze informatie.

bottom of page