Skip to main content
CVE-2019-3494 HIGH POC This Week

Simply-Blog through 2019-01-01 has SQL Injection via the admin/deleteCategories.php delete parameter. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Simply Blog
NVD GitHub
CVSS 3.0
7.5
EPSS
1.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy