Severity by source
CVSS 3.1 base vector (NVD, the only source for this CVE): CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
That vector scores 7.3 (High) under CVSS 3.1: network-reachable, no privileges or user interaction required, unchanged scope, and low (partial) impact on confidentiality, integrity and availability.
Description (CVE.org)
A vulnerability was found in chaitak-gorai Blogbook up to 92f5cf90f8a7e6566b576fe0952e14e1c6736513. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/includes/edit_post.php of the component GET Parameter Handler. The manipulation of the argument edit_post_id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Continuous delivery with rolling releases is used by this product. Therefore, no version details of affected or updated releases are available. The vendor was contacted early about this disclosure but did not respond in any way.
Analysis (AI-generated)
SQL injection in chaitak-gorai Blogbook, in the GET parameter handler of /admin/includes/edit_post.php: the 'edit_post_id' parameter reaches a SQL query without being validated or bound as a parameter. A remote attacker who can reach the script can change the meaning of that query and read or modify whatever data the application's database account can access, or degrade availability with expensive queries. The CVE description rates the issue critical; the NVD CVSS 3.1 vector scores it 7.3 (High) and assumes no authentication (PR:N). Because the script lives under /admin/includes/, confirm on your own deployment whether a direct request to it is gated by the admin session check; include files in an admin directory do not always enforce the login themselves. A public exploit is available, and the vendor did not respond to the disclosure.
Technical Context (AI-generated)
This vulnerability exists in the Blogbook blogging platform's administrative interface, specifically in the edit post functionality. The root cause is classified as CWE-74 (Improper Neutralization of Special Elements in Output Used by a Downstream Component - 'Injection'), which indicates insufficient input validation/sanitization of the 'edit_post_id' GET parameter before it is used in SQL queries. The affected component is the GET Parameter Handler in /admin/includes/edit_post.php, suggesting the parameter is parsed from query strings and directly concatenated or insufficiently escaped in database queries. The continuous delivery model with rolling releases means traditional version tracking is absent, making it difficult to establish precise affected version ranges beyond the identified commit hash (92f5cf90f8a7e6566b576fe0952e14e1c6736513).
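The pattern described above, shown next to a hardened replacement, as an added illustration. This is not code from the advisory or from the Blogbook repository (the real edit_post.php is not reproduced on this page); the table and column names, the use of PDO, and the in-memory SQLite database used to run it are assumptions made for the example.

```php
<?php
// Added example, not Blogbook's own code. Assumes the pdo_sqlite extension
// is loaded; the 'posts' table and its columns are invented for the demo.

// Vulnerable pattern (assumed): the raw GET value is concatenated into SQL,
// so the attacker controls part of the statement text.
function vulnerable_load_post(PDO $db, array $get): array
{
    $edit_post_id = $get['edit_post_id'] ?? '';
    $sql = "SELECT id, title, body FROM posts WHERE id = " . $edit_post_id;
    return $db->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

// Hardened version: validate the type first, then bind it as a parameter.
function load_post_for_edit(PDO $db, array $get): ?array
{
    // 1. Allow only a positive integer. filter_var returns false for anything
    //    else, including a missing value or an array (?edit_post_id[]=1).
    $edit_post_id = filter_var(
        $get['edit_post_id'] ?? null,
        FILTER_VALIDATE_INT,
        ['options' => ['min_range' => 1]]
    );
    if ($edit_post_id === false) {
        // Caller should answer with HTTP 400; nothing reaches the database.
        return null;
    }

    // 2. Bind the value instead of interpolating it. The query text is fixed
    //    and the driver sends the value separately, so no SQL can be injected
    //    even if a future change makes this column non-numeric.
    $stmt = $db->prepare('SELECT id, title, body FROM posts WHERE id = :id');
    $stmt->bindValue(':id', $edit_post_id, PDO::PARAM_INT);
    $stmt->execute();
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

// Demonstration on an in-memory SQLite database with constructed rows.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE posts (id INTEGER PRIMARY KEY, title TEXT, body TEXT)');
$db->exec("INSERT INTO posts (id, title, body) VALUES (1, 'first', 'public text'), (2, 'second', 'unpublished draft')");

// Classic tautology payload: the WHERE clause becomes "id = 1 OR 1=1".
$malicious = ['edit_post_id' => '1 OR 1=1'];

// The vulnerable loader returns every row in the table, not just post 1.
var_dump(vulnerable_load_post($db, $malicious));

// The hardened loader rejects the same input before any SQL is built.
var_dump(load_post_for_edit($db, $malicious));

// A well-formed request still returns the intended row.
var_dump(load_post_for_edit($db, ['edit_post_id' => '2']));
```

Either layer on its own closes this particular hole; keeping both is the usual practice, because the integer check also gives a clean 400 response for malformed requests while the prepared statement protects the query regardless of what the column type is or how the value was validated upstream.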
Remediation (AI-generated)
Immediate remediation steps:
(1) Audit every Blogbook deployment: open /admin/includes/edit_post.php and check whether 'edit_post_id' is validated and bound through a prepared statement, or concatenated into the query text.
(2) Check the upstream repository for a commit after 92f5cf90f8a7e6566b576fe0952e14e1c6736513 that fixes the query. The advisory records no vendor response, so a fix may not exist.
(3) If no upstream fix is available, mitigate locally: rewrite the query as a parameterized prepared statement, validate that 'edit_post_id' is a positive integer before it is used, add Web Application Firewall (WAF) rules for SQL injection patterns in GET parameters as a stopgap only, and restrict the admin panel to trusted IP ranges until the patch is deployed.
(4) Monitor web-server and application logs for 'edit_post_id' values that are not plain integers: quotes, SQL keywords such as UNION, SELECT or SLEEP, and comment markers such as -- and /*.
(5) Given the vendor's silence, fork the repository and carry the patch locally rather than waiting for upstream.
(6) Run the application against a least-privilege database account (only the DML it needs on its own tables, no administrative or file-access privileges) so that a successful injection cannot reach beyond Blogbook's data.
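One way to do the log review in step (4), as an added example that is not part of the advisory or of the Blogbook project. Rather than grepping for a list of SQL keywords, it allow-lists the only shape 'edit_post_id' should ever have (a plain integer) and flags everything else, which catches quoting, UNION and time-based payloads alike. The log lines are constructed for the example in common log format; the script name and parameter name come from the advisory.

```php
<?php
// Added example, not from the advisory or the Blogbook repository.
// Constructed sample access-log lines (common log format); the request
// target is the only field the scanner relies on.
const SAMPLE_LOG = <<<'LOG'
203.0.113.7 - - [01/Jan/2025:10:00:01 +0000] "GET /admin/includes/edit_post.php?edit_post_id=12 HTTP/1.1" 200 5120
203.0.113.7 - - [01/Jan/2025:10:00:05 +0000] "GET /admin/includes/edit_post.php?edit_post_id=12%27%20AND%20SLEEP(5)--%20- HTTP/1.1" 200 5120
198.51.100.9 - - [01/Jan/2025:10:01:00 +0000] "GET /admin/includes/edit_post.php?edit_post_id=1%20UNION%20SELECT%201,2,3 HTTP/1.1" 200 6200
198.51.100.9 - - [01/Jan/2025:10:01:30 +0000] "GET /index.php?page=2 HTTP/1.1" 200 900
LOG;

/**
 * Return one entry per request whose edit_post_id is not a plain integer:
 * the client IP, the URL-decoded value, and the request line it came from.
 */
function find_suspicious_edit_post_ids(string $log): array
{
    $hits = [];
    foreach (explode("\n", trim($log)) as $line) {
        // Client IP and request target from a common-log-format line.
        if (!preg_match('/^(\S+) \S+ \S+ \[[^\]]+\] "(?:GET|POST) (\S+) HTTP/', $line, $m)) {
            continue;
        }
        $ip = $m[1];
        $target = $m[2];

        $query = parse_url($target, PHP_URL_QUERY);
        if ($query === null || $query === false) {
            continue;
        }
        // parse_str URL-decodes the values, so %27 becomes a literal quote.
        parse_str($query, $params);
        if (!isset($params['edit_post_id'])) {
            continue;
        }
        $value = $params['edit_post_id'];

        // Allow-list: a legitimate request carries only digits. Arrays
        // (edit_post_id[]=1) and anything with quotes, spaces or keywords
        // fail this check and are reported.
        if (is_string($value) && preg_match('/^\d+$/', $value)) {
            continue;
        }
        $hits[] = [
            'ip'    => $ip,
            'value' => is_string($value) ? $value : json_encode($value),
            'line'  => $line,
        ];
    }
    return $hits;
}

foreach (find_suspicious_edit_post_ids(SAMPLE_LOG) as $hit) {
    printf("%-14s edit_post_id=%s\n", $hit['ip'], $hit['value']);
}
```

Run against the sample, the two payload requests are reported and the legitimate edit (edit_post_id=12) and the unrelated index.php request are not. The same allow-list check is what the hardened handler should apply at request time; seeing it fail in historical logs tells you whether the public exploit was already used against the instance before the fix went in.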
EUVD-2025-16578