VYPR

Bp Blog

by Bp Blog

CVEs (2)

  • CVE-2008-2554Jun 5, 2008
    risk 0.03cvss epss 0.01

    Multiple SQL injection vulnerabilities in BP Blog 6.0 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to template_permalink.asp and (2) cat parameter to template_archives_cat.asp.

  • CVE-2005-0854May 2, 2005
    risk 0.03cvss epss 0.04

    betaparticle blog (bp blog), posisbly before version 4, allows remote attackers to bypass authentication and (1) upload files via a direct request to upload.asp or (2) delete files via a direct request to myFiles.asp.