CVE-2025-13575

Name of the Vulnerable Software and Affected Versions code-projects Blog Site version 1.0

Description A security issue exists in code-projects Blog Site 1.0 related to the Category Handler component. Manipulation of the argument name/field within the category exists function, located in the file /resources/functions/blog.php, can lead to SQL injection. The attack can be performed remotely. The exploit has been publicly disclosed and may be used. Multiple API endpoints are affected. The name/field argument is vulnerable.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.