CVE-2025-5404 – Chaitak-Gorai Blogbook GET Parameter Handler Denial of Service Vulnerability

June 1, 2025

CVE ID : CVE-2025-5404

Published : June 1, 2025, 5:15 p.m. | 10 hours, 5 minutes ago

Description : A vulnerability classified as problematic was found in chaitak-gorai Blogbook up to 92f5cf90f8a7e6566b576fe0952e14e1c6736513. This vulnerability affects unknown code of the file /search.php of the component GET Parameter Handler. The manipulation of the argument Search leads to denial of service. The exploit has been disclosed to the public and may be used. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 4.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-5405 – Chaitak-Gorai Blogbook Cross Site Scripting Vulnerability

Next Article CVE-2025-5403 – Chaitak-Gorai Blogbook SQL Injection Vulnerability

Highlights

CVE-2025-5226 – PHPGurukul Small CRM SQL Injection Vulnerability

May 27, 2025

CVE ID : CVE-2025-5226

Published : May 27, 2025, 3:15 a.m. | 1 hour, 42 minutes ago

Description : A vulnerability has been found in PHPGurukul Small CRM 3.0 and classified as critical. This vulnerability affects unknown code of the file /admin/change-password.php. The manipulation of the argument oldpass leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.

Severity: 7.3 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

In-House vs. Outsource Node.js Development Teams: 9 Key Differences for the C-Suite (2025)

Why Non-Native Content Designers Improve Global UX

DevOps won’t scale without platform engineering and here’s why your teams are still stuck

This week in AI dev tools: Slack’s enterprise search, Claude Code’s analytics dashboard, and more (July 18, 2025)

I ditched my Bluetooth speakers for this slick turntable – and it’s more practical than I thought

This split keyboard offers deep customization – if you’re willing to go all in

I spoke with an AI version of myself, thanks to Hume’s free tool – how to try it

I took a walk with Meta’s new Oakley smart glasses – they beat my Ray-Bans in every way

The details of TC39’s last meeting

The details of TC39’s last meeting

Simple wrapper for Chrome’s built-in local LLM (Gemini Nano)

Online Examination System using PHP and MySQL

Top 7 Computer Performance Test Tools Online (Free & Fast)

Top 7 Computer Performance Test Tools Online (Free & Fast)

10 Best Windows 11 Encryption Software

Google Chrome Is Testing Dynamic Country Detection for Region-Specific Features

CVE-2025-5404 – Chaitak-Gorai Blogbook GET Parameter Handler Denial of Service Vulnerability

Critical mcp-remote Vulnerability Enables Remote Code Execution, Impacting 437,000+ Downloads

CISA Adds Citrix NetScaler CVE-2025-5777 to KEV Catalog as Active Exploits Target Enterprises

CVE-2025-29662 – LandChat Remote Code Execution (RCE)

CVE-2025-6339 – Ponaravindb Hospital Management System SQL Injection

From MCP to multi-agents: The top 10 open source AI projects on GitHub right now and why they matter

New Russian Cyber Threat ‘Laundry Bear’ Hits Western Targets

CVE-2025-5226 – PHPGurukul Small CRM SQL Injection Vulnerability

CVE-2025-6390 – Brocade SANnav Password Storage Vulnerability

CVE-2025-3358 – CVE-2022-36337 Oracle WebLogic Server Cross-Site Scripting

CVE-2025-5940 – Osom Blocks – WordPress Stored Cross-Site Scripting

CVE-2025-5404 – Chaitak-Gorai Blogbook GET Parameter Handler Denial of Service Vulnerability

Related Posts