CVE-2025-13575 | code-projects Blog Site 1.0 Category blog.php category_exists name/field sql injection

A vulnerability described as critical has been identified in code-projects Blog Site 1.0. Impacted is the function category_exists of the file /resources/functions/blog.php of the component Category Handler. Such manipulation of the argument name/field leads to sql injection.

This vulnerability is listed as CVE-2025-13575. The attack may be performed from remote. In addition, an exploit is available.

Multiple endpoints are affected.VulDB Recent EntriesRead More