PT-2026-30596 · Unknown · Easy Blog Site

Mymy

Published

2026-04-06

Updated

2026-04-28

CVE-2026-5646

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Easy Blog Site version 1.0

Description A security issue exists in Easy Blog Site 1.0 related to the login functionality within the login.php file. Manipulation of the username and password arguments can lead to SQL injection. The attack can be initiated remotely, and a public exploit is available.

Recommendations Disable the login functionality in login.php until a fix is available.

Exploit

Fix

SQL injection

Special Elements Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-89CWE-74

Related Identifiers

CVE-2026-5646

Affected Products

Easy Blog Site

PT-2026-30596 · Unknown · Easy Blog Site

CVE-2026-5646

Weakness Enumeration

Related Identifiers

Affected Products

References · 12