Simply-Blog through 2019-01-01 has SQL Injection via the admin/deleteCategories.php delete parameter. Date published : 2019-01-01 https://github.com/Paroxyste/S