CVE-2025-13576

CVSS v3.1

8.8

High

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions code-projects Blog Site version 1.0

Description A security issue exists in code-projects Blog Site 1.0 where manipulation of an unknown function within the /admin.php file can lead to improper authorization. This allows for remote initiation of the attack. The exploit is publicly available. Multiple API endpoints are affected.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Improper Authorization

Incorrect Privilege Assignment

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-285CWE-266

Related Identifiers

CVE-2025-13576

Affected Products

Eblog Site

CVE-2025-13576

Weakness Enumeration

Related Identifiers

Affected Products

References · 12