CVE-2007-1445

2007-03-1400:00:00

mitre

www.cve.org

8.4 High

AI Score

Confidence

Low

0.132 Low

EPSS

Percentile

95.6%

JSON

SQL injection vulnerability in the heme preview feature for default.asp in BP Blog 7.0 through 7.0.2 allows remote attackers to execute arbitrary SQL commands via the layout parameter.

References

blog.betaparticle.com/template_permalink.asp?id=134

osvdb.org/33997

secunia.com/advisories/24473

www.vupen.com/english/advisories/2007/0919

www.exploit-db.com/exploits/3466