CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Description
A vulnerability was found in chaitak-gorai Blogbook up to 92f5cf90f8a7e6566b576fe0952e14e1c6736513. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/includes/edit_post.php of the component GET Parameter Handler. The manipulation of the argument edit_post_id leads to SQL injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Continuous delivery with rolling releases is used by this product. Therefore, no version details for affected or updated releases are available. The vendor was contacted early about this disclosure but did not respond in any way.
Analysis
Critical SQL injection vulnerability in chaitak-gorai Blogbook affecting the GET parameter handler in /admin/includes/edit_post.php, specifically the 'edit_post_id' parameter. An unauthenticated remote attacker can exploit this to execute arbitrary SQL queries, potentially leading to data exfiltration, modification, or denial of service. The vulnerability has been publicly disclosed with exploit code available, and the vendor has not responded to early disclosure notifications.
Technical Context
This vulnerability exists in the Blogbook blogging platform's administrative interface, specifically in the edit post functionality. The root cause is classified as CWE-74 (Improper Neutralization of Special Elements in Output Used by a Downstream Component - 'Injection'), which indicates insufficient input validation/sanitization of the 'edit_post_id' GET parameter before it is used in SQL queries. The affected component is the GET Parameter Handler in /admin/includes/edit_post.php, suggesting the parameter is parsed from query strings and directly concatenated or insufficiently escaped in database queries. The continuous delivery model with rolling releases means traditional version tracking is absent, making it difficult to establish precise affected version ranges beyond the identified commit hash (92f5cf90f8a7e6566b576fe0952e14e1c6736513).
Affected Products
Product: chaitak-gorai Blogbook
Affected Commit: up to 92f5cf90f8a7e6566b576fe0952e14e1c6736513
Version Information: Due to continuous delivery with rolling releases, specific version numbers are unavailable. The vulnerability affects all instances running code at or before the identified commit hash. No CPE string officially exists for this obscure open-source project, but affected systems would be identifiable by the presence of /admin/includes/edit_post.php with vulnerable parameter handling.
Vendor Contact Status: Early notification provided, no response received.
Remediation
Immediate remediation steps:
(1) Audit all instances of Blogbook for vulnerability presence by reviewing /admin/includes/edit_post.php for parameterized query usage on 'edit_post_id'.
(2) Update to the latest repository commit beyond 92f5cf90f8a7e6566b576fe0952e14e1c6736513 if available.
(3) If an update is unavailable, implement immediate mitigations: parameterized prepared statements for all SQL queries using 'edit_post_id', input validation to ensure the parameter is a valid integer, Web Application Firewall (WAF) rules to detect/block SQL injection patterns in GET parameters, and restriction of admin panel access to trusted IP ranges pending patch deployment.
(4) Monitor application logs for suspicious 'edit_post_id' parameter values (SQL keywords, quotes, comment syntax).
(5) Consider forking and patching the code locally given vendor non-responsiveness.
(6) Implement least-privilege database accounts to limit SQL injection impact scope.
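The log monitoring and integer validation recommended above can be combined into one check: any request to the edit-post script whose 'edit_post_id' is not a plain integer is worth reviewing. The following is an added example, not code from Blogbook or from this advisory's sources; the combined access-log layout, the ten-digit limit, and the sample lines are assumptions.

```python
import re
from urllib.parse import parse_qs, urlsplit

TARGET_PATH = "/admin/includes/edit_post.php"  # file named in the advisory
PARAM = "edit_post_id"                         # parameter named in the advisory
# Assumption: access logs use the Apache/nginx "combined" layout.
REQUEST_RE = re.compile(
    r'^(?P<ip>\S+) .*?"[A-Z]+ (?P<target>\S+) HTTP/[\d.]+" (?P<status>\d{3})'
)
# Assumption: a legitimate post id is a short run of ASCII digits.
VALID_ID = re.compile(r"[0-9]{1,10}")


def suspicious_requests(lines):
    """Return (client_ip, status, decoded_value) for every request to the
    edit-post script whose edit_post_id is not a plain integer."""
    findings = []
    for line in lines:
        match = REQUEST_RE.match(line)
        if not match:
            continue  # not a request line in the assumed format
        url = urlsplit(match.group("target"))
        # endswith() also covers installs below a sub-directory.
        if not url.path.endswith(TARGET_PATH):
            continue
        # parse_qs percent-decodes, so encoded quotes/comments are seen decoded.
        for value in parse_qs(url.query, keep_blank_values=True).get(PARAM, []):
            if not VALID_ID.fullmatch(value):
                findings.append((match.group("ip"), int(match.group("status")), value))
    return findings


# Constructed sample lines (documentation IP ranges), not real traffic.
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2025:10:00:00 +0000] "GET /admin/includes/edit_post.php?edit_post_id=12 HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [01/Jan/2025:10:00:05 +0000] "GET /admin/includes/edit_post.php?edit_post_id=12%27 HTTP/1.1" 500 310 "-" "curl/8.0"',
    '203.0.113.5 - - [01/Jan/2025:10:00:09 +0000] "GET /blog/admin/includes/edit_post.php?edit_post_id=7%2D%2D HTTP/1.1" 200 5120 "-" "curl/8.0"',
    '192.0.2.10 - - [01/Jan/2025:10:00:12 +0000] "GET /blog/admin/includes/edit_post.php?edit_post_id=44 HTTP/1.1" 200 4801 "-" "Mozilla/5.0"',
    '192.0.2.10 - - [01/Jan/2025:10:00:15 +0000] "GET /index.php?edit_post_id=abc HTTP/1.1" 200 900 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for ip, status, value in suspicious_requests(SAMPLE_LOG):
        print(f"{ip} status={status} {PARAM}={value!r}")
```

A 5xx status next to a flagged value, as in the second sample line, suggests the input reached the database layer and deserves priority review.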
EUVD-2025-16578