PrestaHome Blog for PrestaShop <1.7.8 - SQL Injection

PrestaHome Blog for PrestaShop prior to version 1.7.8 is vulnerable to a SQL injection blind via the sbcategory parameter. id: CVE-2021-36748 info: name: PrestaHome Blog for PrestaShop 1.7.8 - SQL Injection author: whoever severity: high description: PrestaHome Blog for PrestaShop prior to versio...

CVE-2021-36748

A SQL Injection issue in the list controller of the Prestahome Blog aka phsimpleblog module before 1.7.8 for Prestashop allows a remote attacker to extract data from the database via the sbcategory parameter...

CVE-2021-36748

A SQL Injection issue in the list controller of the Prestahome Blog aka phsimpleblog module before 1.7.8 for Prestashop allows a remote attacker to extract data from the database via the sbcategory parameter...

CVE-2021-36748

A SQL Injection issue in the list controller of the Prestahome Blog aka phsimpleblog module before 1.7.8 for Prestashop allows a remote attacker to extract data from the database via the sbcategory parameter...

Sql injection

A SQL Injection issue in the list controller of the Prestahome Blog aka phsimpleblog module before 1.7.8 for Prestashop allows a remote attacker to extract data from the database via the sbcategory parameter...

CVE-2021-36748

PrestaHome Blog (ph_simpleblog) for PrestaShop before version 1.7.8 is vulnerable to a SQL injection (blind) via the sb_category parameter in the list controller. Exploitation could allow an attacker to extract data from the database. The issue is corroborated by multiple sources, including a ded...

CVE-2021-36748

A SQL Injection issue in the list controller of the Prestahome Blog aka phsimpleblog module before 1.7.8 for Prestashop allows a remote attacker to extract data from the database via the sbcategory parameter...