CVE-2020-36972

SmartBlog 2.0.1 contains a blind SQL injection vulnerability in the 'idpost' parameter of the details controller that allows attackers to extract database information. Attackers can systematically test and retrieve database contents by injecting crafted SQL queries that compare...

CVE-2020-36972

CVE-2020-36972 affects SmartBlog 2.0.1. The details controller’s id_post parameter is vulnerable to blind SQL injection, allowing an attacker to extract database information by character-by-character comparison via crafted SQL queries. This is the core vulnerability described across multiple sour...

EUVD-2013-3473

Malware in sbrugna...

SmartBlog 2.0.1 Blind SQL Injection

Exploit Title: SmartBlog 2.0.1 - 'idpost' Blind SQL injection Date: 2020-11-05 Exploit Author: C0wnuts Vendor Homepage: https://github.com/smartdatasoft/smartblog Version: 2.0.1 Tested on: Linux Description : A blind SQL injection is present in the "idpost" parameter of the "details" controller. ...

SmartBlog 2.0.1 - 'id_post' Blind SQL injection

Exploit Title: SmartBlog 2.0.1 - 'idpost' Blind SQL injection Date: 2020-11-05 Exploit Author: C0wnuts Vendor Homepage: https://github.com/smartdatasoft/smartblog Version: 2.0.1 Tested on: Linux Description : A blind SQL injection is present in the "idpost" parameter of the "details" controller. ...

Todoo Forum 2.0 Cross Site Scripting / SQL Injection

SQL Injection + Parameter : idpost + http://localhost/todooforum/todooforum.php?cat=reponse&idforum=0&idpost=Injecthere&pg=1 + Parameter : pg + http://localhost/todooforum/todooforum.php?cat=reponse&idforum=0&idpost=1&pg=InjectHere + Cross-site scripting + Parameter : idpost +...