Simply-Blog through 2019-01-01 has SQL Injection via the admin/deleteCategories.php delete parameter.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-89,
Products Affected