IDCVSSSummaryLast (major) updatePublished
CVE-2008-2626 7.5
SQL injection vulnerability in comment.asp in Battle Blog 1.25 and earlier allows remote attackers to execute arbitrary SQL commands via the entry parameter.
29-09-2017 - 01:31 10-06-2008 - 00:32
CVE-2008-2685 7.5
SQL injection vulnerability in article.asp in Battle Blog 1.25 Build 4 and earlier allows remote attackers to execute arbitrary SQL commands via the entry parameter, a different vector than CVE-2008-2626.
08-08-2017 - 01:31 12-06-2008 - 12:21
CVE-2007-0078 5.0
BattleBlog stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for database/blankmaster.mdb.
16-10-2018 - 16:31 05-01-2007 - 11:28
Back to Top Mark selected
Back to Top