CVE-2026-5805

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Easy Blog Site versions prior to 1.0

Description A weakness exists in Easy Blog Site up to version 1.0. The issue is related to a SQL injection vulnerability in an unknown function within the /users/contact us.php file. Manipulating the Name argument can trigger the injection. The attack can be launched remotely and the exploit is publicly available.

Recommendations Update Easy Blog Site to a version later than 1.0.

Exploit

Fix

Special Elements Injection

SQL injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-74CWE-89

Related Identifiers

CVE-2026-5805

Affected Products

Easy Blog Site

CVE-2026-5805

Weakness Enumeration

Related Identifiers

Affected Products

References · 8