C0wnuts

1 exploit Active since Jan 2026
CVE-2020-36972 EXPLOITDB HIGH python WORKING POC
SmartBlog 2.0.1 - Blind SQL Injection via id_post Parameter
SmartBlog 2.0.1 contains a blind SQL injection vulnerability in the 'id_post' parameter of the details controller that allows attackers to extract database information. Attackers can systematically test and retrieve database contents by injecting crafted SQL queries that compare character-by-character of database information.
CVSS 8.2