CVE-2025-13575

6.3 MEDIUM

📋 TL;DR

This SQL injection vulnerability in code-projects Blog Site 1.0 sits in the category_exists function in /resources/functions/blog.php, where the name/field parameter reaches a database query without being parameterized. A remote attacker needs no credentials to alter the query and can potentially read, modify, or delete database content. All deployments of Blog Site 1.0 are affected.

💻 Affected Systems

Products:
  • code-projects Blog Site
Versions: 1.0
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: All installations of version 1.0 are vulnerable. The vulnerability exists in the core category handling functionality.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete database compromise: theft and manipulation of every table the blog's database account can reach, and, if that account holds the MySQL FILE privilege and a web-served directory is writable by the database server, remote code execution by writing a PHP file with SELECT ... INTO OUTFILE.

🟠 Likely Case

Unauthorized reads of database content (for example stored credential hashes of blog accounts), leading to account takeover, escalation to the blog's admin role, and defacement of the site through manipulated records.

🟢 If Mitigated

With the query parameterized, the database account restricted to the blog schema without FILE or administrative rights, and SQL errors not echoed to clients, the impact is limited to noisy error responses or partial data exposure at most.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Multiple public exploit examples exist. Attack can be performed remotely without authentication.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown (none published at the time of writing)

Vendor Advisory: https://code-projects.org/ (vendor homepage, listed in lieu of a dedicated advisory)

Restart Required: No (edited PHP source takes effect on the next request, unless OPcache is configured not to revalidate changed files)

Instructions:

No official patch is available. Since the fix has to be applied in the application's own PHP source, either edit /resources/functions/blog.php so that category_exists uses a prepared statement (see Temporary Workarounds), or migrate to maintained blogging software.

🔧 Temporary Workarounds

Input Validation Filter

Platform: all

Rewrite the query in category_exists so the name/field parameter is bound through a prepared statement (mysqli or PDO) instead of being concatenated into the SQL string. Filtering or escaping the input is only a stop-gap: escaping is easy to get wrong, and a filter that blocks quotes can be bypassed by payloads that need none.

If the parameter selects a column name rather than a value, bind variables cannot protect it; compare it in /resources/functions/blog.php against a fixed allow-list of column names and reject anything else.
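The function below is an added example written for this page, not code from code-projects or the Blog Site 1.0 distribution. The page does not reproduce the original category_exists, so its (field, value) signature, the categories table and the column names are assumptions; the shape mirrors the common pattern of a column name and a value concatenated into a SELECT. It shows that vulnerable shape beside a prepared-statement fix, and handles the case where the parameter is a column name, which bind variables cannot protect and which is therefore allow-listed.

```php
<?php
// Added example for this advisory (not the project's code): a hardened
// category_exists() for /resources/functions/blog.php. The original
// function's signature is not on the page; (field, value) is an assumption.
declare(strict_types=1);

// Columns of the (assumed) categories table that a caller may search on.
// SQL identifiers cannot be bound as parameters, so they are allow-listed.
const CATEGORY_SEARCHABLE_COLUMNS = ['name', 'id', 'slug'];

/**
 * Vulnerable shape, kept only for comparison (do not use): the column name
 * and the value are both spliced into the SQL text, so a value such as
 * tech' OR '1'='1 turns the existence check into an always-true query.
 */
function category_exists_vulnerable(mysqli $db, string $field, string $value): bool
{
    $sql = "SELECT 1 FROM categories WHERE $field = '$value' LIMIT 1";
    $result = $db->query($sql);
    return $result !== false && $result->num_rows > 0;
}

/**
 * Hardened version: the column goes through a strict allow-list and the
 * value is bound with a prepared statement, so user input never changes
 * the query text that the server parses.
 */
function category_exists(mysqli $db, string $field, string $value): bool
{
    if (!in_array($field, CATEGORY_SEARCHABLE_COLUMNS, true)) {
        throw new InvalidArgumentException('Unsupported category field');
    }
    // $field matched the allow-list, so quoting it as an identifier is safe.
    $sql = "SELECT 1 FROM categories WHERE `$field` = ? LIMIT 1";
    $stmt = $db->prepare($sql);
    if ($stmt === false) {
        throw new RuntimeException('prepare failed: ' . $db->error);
    }
    $stmt->bind_param('s', $value);   // value travels separately from the SQL text
    $stmt->execute();
    $stmt->store_result();
    $exists = $stmt->num_rows > 0;
    $stmt->close();
    return $exists;
}

// Usage sketch (connection details are placeholders): the page's name/field
// parameter would arrive here straight from $_GET/$_POST, and a quote-laden
// value is now just a string compared against the column.
// $db = new mysqli('localhost', 'blog', $password, 'blog');
// category_exists($db, 'name', "tech' OR '1'='1");   // plain string match
// category_exists($db, 'name) OR (1=1', 'x');        // throws: not allow-listed
```

The allow-list is the part most often missed: with only bind variables, a field parameter that names the column still lets the attacker rewrite the WHERE clause, because identifiers cannot be passed as `?` placeholders in MySQL.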

Web Application Firewall Rules

Platform: all

Block SQL injection patterns in requests that reach the category handling endpoints.

Enable your WAF's SQL injection rule set (for example the ModSecurity Core Rule Set) for both GET and POST parameters, after URL decoding. Treat this as a detection and containment layer rather than a fix: encoded, fragmented or novel payloads can pass signature rules, and the injection point itself remains.

🧯 If You Can't Patch

  • Implement network segmentation to isolate the blog server from critical systems
  • Run the blog's database account with the minimum privileges it needs on its own schema, and without FILE or administrative rights, so that an injection cannot reach other databases or the file system
  • Disable display_errors in PHP so SQL error text is not returned to clients
  • Enable detailed logging and monitoring for SQL injection attempts

🔍 How to Verify

Check if Vulnerable:

Check whether you are running code-projects Blog Site version 1.0. Open /resources/functions/blog.php and inspect category_exists: if the name/field argument is concatenated or interpolated into the SQL string rather than bound with a prepared statement, the installation is vulnerable.

Check Version:

Check application files for version information or review installation documentation; code-projects releases carry no built-in version endpoint, so the download name and the bundled README are usually the only indicators.

Verify Fix Applied:

Against a test instance, submit a value containing a single quote (for example O'Brien) and a value containing a SQL comment sequence to the category parameter. A fixed build returns a normal found/not-found result; a vulnerable one returns a SQL error or a changed result. Do not run destructive payloads against production.

📡 Detection & Monitoring

Log Indicators:

  • SQL errors in the PHP error log that reference resources/functions/blog.php
  • Bursts of requests to the category handling endpoint whose parameters carry quote characters, comment sequences (--, #, /*) or SQL keywords

Network Indicators:

  • SQL keywords (UNION, SELECT, SLEEP, BENCHMARK) in URL-decoded HTTP parameters
  • Unusual database connection patterns, such as long-running queries from the web server during otherwise quiet periods (time-based injection probes)

SIEM Query:

source="web_logs" uri="*blog.php*" (uri="*%27*" OR uri="*'*" OR uri="*UNION*SELECT*" OR uri="*--*" OR uri="*SLEEP(*")
OR source="php_error_log" ("You have an error in your SQL syntax" OR "resources/functions/blog.php")

Field names such as uri depend on your log parser. The function name category_exists only appears in logs when PHP error output (for example a stack trace) is written to the error log or echoed to the client, so it is not a reliable search term on its own.
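The routine below is an added example for this page (not part of the Blog Site project or any vendor tooling) that runs the indicators above over a few log lines: combined-format access log entries plus one PHP error line, all constructed for illustration, with /blog.php?category= as an assumed endpoint. It also serves the WAF-rule workaround above, since the same patterns applied to URL-decoded parameters are what such a rule matches. Written for PHP 8 (str_contains) so it can run on the same host as the application.

```php
<?php
// Added example for this advisory (not the project's code): scan log text for
// SQL injection markers in URL-decoded parameters and for leaked SQL errors.
declare(strict_types=1);

// Constructed sample log lines (not real traffic); the endpoint is assumed.
const SAMPLE_LOG = <<<'LOG'
203.0.113.7 - - [10/Jan/2025:10:01:02 +0000] "GET /blog.php?category=tech HTTP/1.1" 200 5123
203.0.113.7 - - [10/Jan/2025:10:01:09 +0000] "GET /blog.php?category=tech%27%20OR%20%271%27%3D%271 HTTP/1.1" 200 9876
203.0.113.7 - - [10/Jan/2025:10:01:15 +0000] "GET /blog.php?category=tech%27%20UNION%20SELECT%20user%2Cpassword%20FROM%20users--%20- HTTP/1.1" 500 312
[10-Jan-2025 10:01:15 UTC] PHP Warning:  mysqli::query(): (42000/1064): You have an error in your SQL syntax in /var/www/html/resources/functions/blog.php on line 42
198.51.100.4 - - [10/Jan/2025:10:02:00 +0000] "GET /blog.php?category=O%27Brien HTTP/1.1" 200 4100
198.51.100.4 - - [10/Jan/2025:10:02:07 +0000] "GET /blog.php?category=rock%20%26%20roll HTTP/1.1" 200 4100
LOG;

// Patterns applied to each decoded parameter value. Kept narrow (a quote
// followed by SQL syntax, comment terminators, UNION SELECT, timing functions,
// stacked statements) so ordinary text such as O'Brien is not flagged.
const SQLI_PATTERNS = [
    '/\'\s*(or|and)\s+[\'"\d]/i',            // ' OR '1'='1  /  ' AND 1=1
    '/union\s+(all\s+)?select\b/i',          // UNION SELECT ...
    '/(--|#|\/\*)\s*$/',                     // trailing comment terminator
    '/\b(sleep|benchmark)\s*\(/i',           // time-based probes
    '/;\s*(drop|insert|update|delete)\b/i',  // stacked queries
];

// Strings that show the backend leaked a SQL error (MySQL/MariaDB wording).
const SQL_ERROR_MARKERS = [
    'You have an error in your SQL syntax',
    'mysqli_sql_exception',
    'resources/functions/blog.php',
];

/** Return one alert array per suspicious line found in the log text. */
function scan_log(string $log): array
{
    $alerts = [];
    foreach (preg_split('/\R/', trim($log)) as $line) {
        // Error-log lines: a leaked SQL error is an alert on its own.
        foreach (SQL_ERROR_MARKERS as $marker) {
            if (str_contains($line, $marker)) {
                $alerts[] = ['type' => 'sql_error', 'line' => $line];
                continue 2;
            }
        }
        // Access-log lines: pull the request target out of the quoted request.
        if (!preg_match('/"(?:GET|POST)\s+(\S+)\s+HTTP/', $line, $m)) {
            continue;
        }
        $query = parse_url($m[1], PHP_URL_QUERY);
        if (!is_string($query)) {
            continue;
        }
        parse_str($query, $params);   // URL-decodes values, as the app would
        foreach ($params as $name => $value) {
            if (!is_string($value)) {
                continue;
            }
            foreach (SQLI_PATTERNS as $pattern) {
                if (preg_match($pattern, $value)) {
                    $alerts[] = [
                        'type'  => 'sqli_param',
                        'param' => (string) $name,
                        'value' => $value,
                        'line'  => $line,
                    ];
                    continue 3;   // one alert per line is enough
                }
            }
        }
    }
    return $alerts;
}

foreach (scan_log(SAMPLE_LOG) as $alert) {
    echo json_encode($alert, JSON_UNESCAPED_SLASHES), PHP_EOL;
}
```

Run with `php scan.php`: the two injection requests and the PHP warning produce alerts, while the plain category, O'Brien and "rock & roll" requests do not, which is the false-positive boundary a WAF rule built from the same patterns needs to respect. Matching on decoded values rather than the raw URL is what catches the %27-encoded quotes in the sample.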
