Chaitak-Gorai Blogbook vulnerabilities
8 known vulnerabilities affecting chaitak-gorai/blogbook.
Total CVEs
8
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL3HIGH3MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2025-5406P2HIGHCVSS 8.8≤ 2021-11-22v92f5cf90f8a7e6566b576fe0952e14e1c67365132025-06-01
CVE-2025-5406 [HIGH] CWE-284 CVE-2025-5406: A vulnerability, which was classified as critical, was found in chaitak-gorai Blogbook up to 92f5cf9
A vulnerability, which was classified as critical, was found in chaitak-gorai Blogbook up to 92f5cf90f8a7e6566b576fe0952e14e1c6736513. Affected is an unknown function of the file /admin/posts.php?source=add_post. The manipulation of the argument image leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclo
nvd
CVE-2025-5401P3CRITICALCVSS 9.8≤ 2021-11-22v92f5cf90f8a7e6566b576fe0952e14e1c67365132025-06-01
CVE-2025-5401 [CRITICAL] CWE-74 CVE-2025-5401: A vulnerability was found in chaitak-gorai Blogbook up to 92f5cf90f8a7e6566b576fe0952e14e1c6736513.
A vulnerability was found in chaitak-gorai Blogbook up to 92f5cf90f8a7e6566b576fe0952e14e1c6736513. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /post.php of the component GET Parameter Handler. The manipulation of the argument p_id leads to sql injection. The attack can be launched remotely.
nvd
CVE-2025-5400P3CRITICALCVSS 9.8≤ 2021-11-22v92f5cf90f8a7e6566b576fe0952e14e1c67365132025-06-01
CVE-2025-5400 [CRITICAL] CWE-74 CVE-2025-5400: A vulnerability was found in chaitak-gorai Blogbook up to 92f5cf90f8a7e6566b576fe0952e14e1c6736513.
A vulnerability was found in chaitak-gorai Blogbook up to 92f5cf90f8a7e6566b576fe0952e14e1c6736513. It has been classified as critical. Affected is an unknown function of the file /user.php of the component GET Parameter Handler. The manipulation of the argument u_id leads to sql injection. It is possible to launch the attack remotely. The exploit has
nvd
CVE-2025-5402P3CRITICALCVSS 9.8≤ 2021-11-22v92f5cf90f8a7e6566b576fe0952e14e1c67365132025-06-01
CVE-2025-5402 [CRITICAL] CWE-74 CVE-2025-5402: A vulnerability was found in chaitak-gorai Blogbook up to 92f5cf90f8a7e6566b576fe0952e14e1c6736513.
A vulnerability was found in chaitak-gorai Blogbook up to 92f5cf90f8a7e6566b576fe0952e14e1c6736513. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/includes/edit_post.php of the component GET Parameter Handler. The manipulation of the argument edit_post_id leads to sql injection. The attack may be
nvd
CVE-2025-5403P3HIGHCVSS 8.8≤ 2021-11-22v92f5cf90f8a7e6566b576fe0952e14e1c67365132025-06-01
CVE-2025-5403 [HIGH] CWE-74 CVE-2025-5403: A vulnerability classified as critical has been found in chaitak-gorai Blogbook up to 92f5cf90f8a7e6
A vulnerability classified as critical has been found in chaitak-gorai Blogbook up to 92f5cf90f8a7e6566b576fe0952e14e1c6736513. This affects an unknown part of the file /admin/view_all_posts.php of the component GET Parameter Handler. The manipulation of the argument post_id leads to sql injection. It is possible to initiate the attack remotely. The expl
nvd
CVE-2025-5404P3HIGHCVSS 7.5≤ 2021-11-22v92f5cf90f8a7e6566b576fe0952e14e1c67365132025-06-01
CVE-2025-5404 [HIGH] CWE-404 CVE-2025-5404: A vulnerability classified as problematic was found in chaitak-gorai Blogbook up to 92f5cf90f8a7e656
A vulnerability classified as problematic was found in chaitak-gorai Blogbook up to 92f5cf90f8a7e6566b576fe0952e14e1c6736513. This vulnerability affects unknown code of the file /search.php of the component GET Parameter Handler. The manipulation of the argument Search leads to denial of service. The exploit has been disclosed to the public and may be u
nvd
CVE-2025-5405P4MEDIUMCVSS 5.4≤ 2021-11-22v92f5cf90f8a7e6566b576fe0952e14e1c67365132025-06-01
CVE-2025-5405 [MEDIUM] CWE-79 CVE-2025-5405: A vulnerability, which was classified as problematic, has been found in chaitak-gorai Blogbook up to
A vulnerability, which was classified as problematic, has been found in chaitak-gorai Blogbook up to 92f5cf90f8a7e6566b576fe0952e14e1c6736513. This issue affects some unknown processing of the file /post.php. The manipulation of the argument comment_author/comment_email/comment_content leads to cross site scripting. The attack may be initiated remotely
nvd
CVE-2025-5407P4MEDIUMCVSS 5.4≤ 2021-11-22v92f5cf90f8a7e6566b576fe0952e14e1c67365132025-06-01
CVE-2025-5407 [MEDIUM] CWE-79 CVE-2025-5407: A vulnerability has been found in chaitak-gorai Blogbook up to 92f5cf90f8a7e6566b576fe0952e14e1c6736
A vulnerability has been found in chaitak-gorai Blogbook up to 92f5cf90f8a7e6566b576fe0952e14e1c6736513 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /register_script.php. The manipulation of the argument fullname leads to cross site scripting. The attack can be launched remotely. The exploit has
nvd