Battleblog » Battleblog : Security Vulnerabilities, CVEs,
SQL injection vulnerability in article.asp in Battle Blog 1.25 Build 4 and earlier allows remote attackers to execute arbitrary SQL commands via the entry parameter, a different vector than CVE-2008-2626.
Max CVSS
7.5
EPSS Score
0.14%
Published
2008-06-12
Updated
2017-08-08
SQL injection vulnerability in comment.asp in Battle Blog 1.25 and earlier allows remote attackers to execute arbitrary SQL commands via the entry parameter.
Max CVSS
7.5
EPSS Score
0.18%
Published
2008-06-10
Updated
2017-09-29
BattleBlog stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for database/blankmaster.mdb.
Max CVSS
5.0
EPSS Score
0.86%
Published
2007-01-05
Updated
2018-10-16
3 vulnerabilities found