← Back

Smartblog

smartblog

Vendor: Smartdatasoft • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2020-36972
1Smartdatasoft
1Smartblog
Feb 9, 2026
Jan 28, 2026
8.8 HIGH· v4
7.5 HIGH· v3
N/A· v2
SmartBlog 2.0.1 contains a blind SQL injection vulnerability in the 'id_post' parameter of the details controller that allows attackers to extract database information. Attackers can systematically test and retrieve data...Show more
SmartBlog 2.0.1 contains a blind SQL injection vulnerability in the 'id_post' parameter of the details controller that allows attackers to extract database information. Attackers can systematically test and retrieve database contents by injecting crafted SQL queries that compare character-by-character of database information.Show less
CVE-2021-37538
1Smartdatasoft
1Smartblog
Nov 21, 2024
Aug 24, 2021
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
Multiple SQL injection vulnerabilities in SmartDataSoft SmartBlog for PrestaShop before 4.06 allow a remote unauthenticated attacker to execute arbitrary SQL commands via the day, month, or year parameter to the controll...Show more
Multiple SQL injection vulnerabilities in SmartDataSoft SmartBlog for PrestaShop before 4.06 allow a remote unauthenticated attacker to execute arbitrary SQL commands via the day, month, or year parameter to the controllers/front/archive.php archive controller, or the id_category parameter to the controllers/front/category.php category controller.Show less