top of page
perceptive_background_267k.jpg

A weakness has been identified in code-projects Easy Blog Site up to 1.0. The impacted element is an unknown function of the file /users/contact_us.php. Executi…

Published:

7 april 2026 om 22:00:00

Alert date:

8 april 2026 om 22:09:50

Source:

nvd.nist.gov

Click to open the original link from this advisory

Web Technologies

A SQL injection vulnerability has been identified in code-projects Easy Blog Site version 1.0. The vulnerability exists in the /users/contact_us.php file where manipulation of the 'Name' parameter can lead to SQL injection attacks. The vulnerability can be exploited remotely and public exploits are available. The affected component is an unknown function within the contact form processing. This represents a critical security flaw that could allow attackers to access or manipulate the underlying database.

Technical details

Mitigation steps:

Affected products:

Easy Blog Site

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2026-5805
https://code-projects.org/
https://github.com/ahmadmarz10-hub/CVEsMarz/blob/main/SQL%20Injection%20in%20Easy%20Blog%20Site%20PHP%20name%20Parameter.md
https://vuldb.com/submit/787031
https://vuldb.com/vuln/356243
https://vuldb.com/vuln/356243/cti

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Deze website toont informatie afkomstig van externe bronnen; Perceptive aanvaardt geen verantwoordelijkheid voor de juistheid, volledigheid of actualiteit van deze informatie.

bottom of page