Vulnerabilities > Smartdatasoft

DATE	CVE	VULNERABILITY TITLE	RISK
2021-08-24	CVE-2021-37538	SQL Injection vulnerability in Smartdatasoft Smartblog Multiple SQL injection vulnerabilities in SmartDataSoft SmartBlog for PrestaShop before 4.06 allow a remote unauthenticated attacker to execute arbitrary SQL commands via the day, month, or year parameter to the controllers/front/archive.php archive controller, or the id_category parameter to the controllers/front/category.php category controller. network low complexity smartdatasoft CWE-89	7.5
2021-06-01	CVE-2021-24335	Cross-site Scripting vulnerability in Smartdatasoft CAR Repair Services & Auto Mechanic The Car Repair Services & Auto Mechanic WordPress theme before 4.0 did not properly sanitise its serviceestimatekey search parameter before outputting it back in the page, leading to a reflected Cross-Site Scripting issue network low complexity smartdatasoft CWE-79	6.1

Vulnerabilities > Smartdatasoft {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Smartdatasoft"}]}