Vulnerabilities > Battleblog > Battleblog > 1.0d
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2008-06-10 | CVE-2008-2626 | SQL Injection vulnerability in Battleblog 1.05/1.0D/1.20 SQL injection vulnerability in comment.asp in Battle Blog 1.25 and earlier allows remote attackers to execute arbitrary SQL commands via the entry parameter. | 7.5 |
2007-01-05 | CVE-2007-0078 | Information Disclosure vulnerability in Battleblog 1.0D BattleBlog stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for database/blankmaster.mdb. | 5.0 |