CVE-2021-37538

CVE-2021-37538

Multiple SQL injection vulnerabilities in SmartDataSoft SmartBlog for PrestaShop before 4.06 allow a remote unauthenticated attacker to execute arbitrary SQL commands via the day, month, or year parameter to the controllers/front/archive.php archive controller, or the id_category parameter to the controllers/front/category.php category controller.

Source: CVE-2021-37538

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다