Browse all 8 CVE security advisories affecting chaitak-gorai. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Chaitak-gorai develops web applications and APIs primarily for business process automation. Historically, their products have been susceptible to remote code execution, cross-site scripting, and privilege escalation vulnerabilities, often stemming from insufficient input validation and insecure authentication mechanisms. While no major public security incidents have been widely documented, the eight CVEs on record indicate consistent security challenges, particularly in access control and data handling. Their codebase frequently exposes users to potential exploitation through inadequate sanitization of user inputs and misconfigured default permissions, necessitating rigorous security reviews before deployment in sensitive environments.

| CVE ID | Title | Product | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|---|
| CVE-2025-5407 | chaitak-gorai Blogbook register_script.php cross site scripting | Blogbook | CWE-79 | 2.4 | Low | 2025-06-01 |
| CVE-2025-5406 | chaitak-gorai Blogbook posts.php unrestricted upload | Blogbook | CWE-434 | 6.3 | Medium | 2025-06-01 |
| CVE-2025-5405 | chaitak-gorai Blogbook post.php cross site scripting | Blogbook | CWE-79 | 3.5 | Low | 2025-06-01 |
| CVE-2025-5404 | chaitak-gorai Blogbook GET Parameter search.php denial of service | Blogbook | CWE-404 | 4.3 | Medium | 2025-06-01 |
| CVE-2025-5403 | chaitak-gorai Blogbook GET Parameter view_all_posts.php sql injection | Blogbook | CWE-89 | 6.3 | Medium | 2025-06-01 |
| CVE-2025-5402 | chaitak-gorai Blogbook GET Parameter edit_post.php sql injection | Blogbook | CWE-89 | 7.3 | High | 2025-06-01 |
| CVE-2025-5401 | chaitak-gorai Blogbook GET Parameter post.php sql injection | Blogbook | CWE-89 | 7.3 | High | 2025-06-01 |
| CVE-2025-5400 | chaitak-gorai Blogbook GET Parameter user.php sql injection | Blogbook | CWE-89 | 7.3 | High | 2025-06-01 |

This page lists every published CVE security advisory associated with chaitak-gorai. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.