VYPR

SmartBlog

by Smartdatasoft

CVEs (2)

  • CVE-2021-37538CriAug 24, 2021
    risk 0.70cvss 9.8epss 0.74

    Multiple SQL injection vulnerabilities in SmartDataSoft SmartBlog for PrestaShop before 4.06 allow a remote unauthenticated attacker to execute arbitrary SQL commands via the day, month, or year parameter to the controllers/front/archive.php archive controller, or the…

  • CVE-2020-36972HigJan 28, 2026
    risk 0.53cvss 8.2epss 0.00

    SmartBlog 2.0.1 contains a blind SQL injection vulnerability in the 'id_post' parameter of the details controller that allows attackers to extract database information. Attackers can systematically test and retrieve database contents by injecting crafted SQL queries that compare…