CVE-2021-37538
Published: 2021-08-24
Priority: P189 · Severity: critical · CVSS 3.1 base score 9.8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Tags: ITW · EXPLOIT · VulnCheck KEV
Exploited in the wild
EPSS: 74.49% (99.4th percentile)
Multiple SQL injection vulnerabilities in SmartDataSoft SmartBlog for PrestaShop before 4.06 allow a remote unauthenticated attacker to execute arbitrary SQL commands via the day, month, or year parameter to the controllers/front/archive.php archive controller, or the id_category parameter to the controllers/front/category.php category controller.
Affected (1 range)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| smartdatasoft | smartblog | < 4.06 | 4.06 |
Detection & IOCs (extracted from sources)
- PoC probe URL: /module/smartblog/archive?month=1&year=1&day=1%20UNION%20ALL%20SELECT%20NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,(SELECT%20MD5(55555)),NULL,NULL,NULL,NULL,NULL,NULL,NULL--%20-
- Detect exploitation attempts targeting the SmartBlog archive endpoint via UNION-based SQL injection in the `day`, `month`, or `year` GET parameters.
- Detect exploitation attempts targeting the SmartBlog category endpoint via SQL injection in the `id_category` GET parameter.
- The PoC probe uses a UNION ALL SELECT with 23 columns and MD5(55555); a response body containing the MD5 digest `c5fe25896e49ddfe996db7508cf00534` with HTTP 200 confirms blind/union SQLi success.
- Unauthenticated remote attacker; no session or authentication token is required to trigger the vulnerability. Monitor for UNION SELECT payloads on /module/smartblog/ paths from unauthenticated sessions.
- Vulnerability is only present in SmartBlog for PrestaShop versions before 4.0.6; patched installations are not affected.
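The detection notes above describe the request shape to look for (UNION SELECT payloads in the `day`, `month` or `year` parameters of the archive controller, or in `id_category` of the category controller) and the response indicator for the probe (the MD5(55555) digest in the body). The following Python is an added example, not part of this record and not tooling from any of the sources it aggregates: it parses access log lines in Apache/nginx combined format, flags requests that match that shape, and checks a captured response body for the probe digest. The log format, the sample lines, the IP addresses and the helper names are assumptions.

```python
import hashlib
import re
from urllib.parse import parse_qs, unquote_plus, urlsplit

# Endpoints named in the advisory: the archive and category front controllers,
# reachable via the /module/smartblog/ friendly URLs or the controller paths.
SMARTBLOG_PATH = re.compile(
    r"/module/smartblog/(archive|category)\b|/controllers/front/(archive|category)\.php",
    re.IGNORECASE,
)

# GET parameters the injection travels in, per controller (from the advisory).
WATCHED_PARAMS = {"archive": {"day", "month", "year"}, "category": {"id_category"}}

# Tokens that never appear in a legitimate numeric day/month/year/id_category value:
# a UNION [ALL] SELECT probe, SQL comment terminators, quotes, time-based functions.
SQLI_MARKERS = re.compile(
    r"\bunion\b\s+(?:all\s+)?\bselect\b|--\s|/\*|#|'|\bsleep\s*\(|\bbenchmark\s*\(",
    re.IGNORECASE,
)

# The advisory's probe selects MD5(55555); that digest appearing in a response
# body is the success indicator it names. Computed here rather than hardcoded.
PROBE_DIGEST = hashlib.md5(b"55555").hexdigest()

# Combined log format (assumed; adjust the pattern for your server's format).
LOG_LINE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

# Constructed sample lines: a benign archive request, the advisory's probe shape
# against the archive and category controllers, and an unrelated shop request.
SAMPLE_LOG = [
    '203.0.113.7 - - [24/Aug/2021:10:01:02 +0000] "GET /module/smartblog/archive?month=8&year=2021 HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '203.0.113.9 - - [24/Aug/2021:10:01:05 +0000] "GET /module/smartblog/archive?month=1&year=1&day=1%20UNION%20ALL%20SELECT%20NULL,NULL,(SELECT%20MD5(55555)),NULL--%20- HTTP/1.1" 200 6011 "-" "python-requests/2.25"',
    '203.0.113.9 - - [24/Aug/2021:10:01:06 +0000] "GET /module/smartblog/category?id_category=3%20UNION%20ALL%20SELECT%20NULL,NULL--%20- HTTP/1.1" 500 0 "-" "python-requests/2.25"',
    '198.51.100.4 - - [24/Aug/2021:10:02:00 +0000] "GET /index.php?controller=product&id_product=12 HTTP/1.1" 200 8890 "-" "Mozilla/5.0"',
]


def inspect_request(target):
    """Return a finding for one request target, or None when it does not match.

    A finding names the controller, the watched parameter and the decoded value.
    """
    parts = urlsplit(target)
    m = SMARTBLOG_PATH.search(parts.path)
    if not m:
        return None
    controller = (m.group(1) or m.group(2)).lower()
    qs = parse_qs(parts.query, keep_blank_values=True)
    for name, values in qs.items():
        if name not in WATCHED_PARAMS[controller]:
            continue
        for raw in values:
            value = unquote_plus(raw)  # parse_qs decoded once; catch double encoding
            if not value.isdigit() and SQLI_MARKERS.search(value):
                return {"controller": controller, "param": name, "value": value}
    return None


def scan_log(lines):
    """Return one finding per log line whose request matches the injection shape."""
    findings = []
    for line in lines:
        m = LOG_LINE.match(line)
        if not m:
            continue  # unparseable line; count these separately in production
        hit = inspect_request(m.group("target"))
        if hit:
            hit.update(ip=m.group("ip"), ts=m.group("ts"), status=int(m.group("status")))
            findings.append(hit)
    return findings


def response_indicates_success(body):
    """True when a captured response body carries the probe digest.

    Needs body capture (WAF, reverse proxy, packet capture); access logs alone
    only show that the probe was sent, not that it succeeded.
    """
    return PROBE_DIGEST in body.lower()


if __name__ == "__main__":
    for f in scan_log(SAMPLE_LOG):
        print(f"{f['ts']} {f['ip']} -> {f['controller']} param={f['param']} "
              f"status={f['status']} value={f['value']!r}")
```

The access-log pass reports the request shape only; the HTTP status is carried along for triage, but a 200 by itself does not prove the injection returned data. Pair it with `response_indicates_success` on proxy or WAF body captures where those exist, and treat any hit on a host still running SmartBlog below 4.0.6 as a confirmed exploitation attempt to investigate.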
CVSS provenance
| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| NVD | v3.1 | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| NVD | v2.0 | 7.5 | HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
| VulnCheck | | 9.8 | CRITICAL | |
GHSA
GHSA-8v9p-7c45-26j2 · ghsa_unreviewed · 2022-05-24 · CVE-2021-37538 [CRITICAL] · CWE-89
Multiple SQL injection vulnerabilities in SmartDataSoft SmartBlog for PrestaShop before 4.06 allow a remote unauthenticated attacker to execute arbitrary SQL commands via the day, month, or year parameter to the controllers/front/archive.php archive controller, or the id_category parameter to the controllers/front/category.php category controller.
VulnCheck
CVE-2021-37538 [CRITICAL] · vulncheck · 2021 · CVSS 9.8
smartdatasoft smartblog: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Affected: smartdatasoft smartblog
Required Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Exploitation References: https://app.crowdsec.net/cti/cve-explorer/CVE-2021-37538
No detection rules found.
Nuclei
CVE-2021-37538 [CRITICAL] · nuclei · CVSS 9.8
PrestaShop SmartBlog <4.0.6 - SQL Injection
PrestaShop SmartBlog by SmartDataSoft < 4.0.6 is vulnerable to a SQL injection vulnerability in the blog archive functionality.
Template:
```yaml
id: CVE-2021-37538

info:
  name: PrestaShop SmartBlog <4.0.6 - SQL Injection
  author: whoever
  severity: critical
  description: PrestaShop SmartBlog by SmartDataSoft < 4.0.6 is vulnerable to a SQL injection vulnerability in the blog archive functionality.
  impact: |
    An attacker can gain unauthorized access to the database, extract sensitive information, modify data, or perform other malicious activities.
  remediation: |
    Upgrade PrestaShop SmartBlog to version 4.0.6 or later to mitigate the SQL Injection vulnerability.
  reference:
    - https://blog.sorcery.ie/posts/smartblog_sqli/
    - https://nvd.nist.gov/vuln/detail/CVE
```