High severity7.1OSV Advisory· Published Jan 21, 2026· Updated Apr 15, 2026

CVE-2021-47872

Description

SEO Panel versions prior to 4.9.0 contain a blind SQL injection vulnerability in the archive.php page that allows authenticated attackers to manipulate database queries through the 'order_col' parameter. Attackers can use sqlmap to exploit the vulnerability and extract database information by injecting malicious SQL code into the order column parameter.

Affected products

Seopanel/SeopanelOSV
Range: 4.2.0, 4.3.0, 4.4.0, …

Patches

7c107c789be7

https://github.com/seopanel/seo-panelvia osv

Vulnerability mechanics

Generated by null/stub on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References

github.com/seopanel/Seo-Panel/issues/209nvd
github.com/seopanel/Seo-Panel/releases/tag/4.9.0nvd
www.exploit-db.com/exploits/49666nvd
www.seopanel.orgnvd
www.vulncheck.com/advisories/seo-panel-ordercol-blind-sql-injectionnvd

News mentions

No linked articles in our index yet.

cvss	0.461
epss	0.000
exploit	0.000
kev	0.000
patch	-0.070
ransomware	0.000