CNNVD-202601-4716 Information

CNNVD ID

CNNVD-202601-4716

Related CVE

CVE-2020-36972

• CNNVD Published: 2026-01-28

Description (Chinese)

SmartBlog是Muhammad Arifur Rahman个人开发者的一个博客模块。 SmartBlog 2.0.1版本存在安全漏洞，该漏洞源于details控制器中id_post参数存在盲SQL注入，可能导致提取数据库信息。

Description (English)

SmartBlog is a blog module for Muhammad Arifur Rahman’s personal developer. There is a security loophole in version 2.0.1 of SmartBlog, which stems from the blind SQL injection of id post parameters in the destails controller, which may lead to the extraction of database information.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

个人开发者

Published

2026-01-28

Last Modified

2026-02-24

References

https://github.com/smartdatasoft/smartblog https://www.exploit-db.com/exploits/48995 https://www.vulncheck.com/advisories/smartblog-idpost-blind-sql-injection

Patch

https://github.com/smartdatasoft/smartblog/releases