CVE-2026-5805

CWE-74CWE-89SQL Injection4 documents4 sources
Severity
6.9MEDIUM
EPSS
0.0%
top 91.42%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Code-projects Easy Blog Site
Timeline
PublishedApr 8

Description

A weakness has been identified in code-projects Easy Blog Site up to 1.0. The impacted element is an unknown function of the file /users/contact_us.php. Executing a manipulation of the argument Name can lead to sql injection. The attack can be launched remotely. The exploit has been made available to the public and could be used for attacks.

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

Affected Packages1 packages

🔴Vulnerability Details

2
CVEList
code-projects Easy Blog Site contact_us.php sql injection2026-04-08
GHSA
GHSA-48h8-qxm4-xrp8: A weakness has been identified in code-projects Easy Blog Site up to 12026-04-08
CVE-2026-5805 (MEDIUM CVSS 6.9) | A weakness has been identified in c | cvebase.io