|
| Description: | | SQL injection vulnerability in the heme preview feature for default.asp in BP Blog 7.0 through 7.0.2 allows remote attackers to execute arbitrary SQL commands via the layout parameter. |
|
| Impact: | | An attacker can inject arbitrary sql commands to view or change the database of the target by exploiting the vulnerability successfully. |
|
| Affected OS: | | Windows, Linux, Others |
|
| Reference: | | ExploitDB:3466
http://blog.betaparticle.com/template_permalink.asp?id=134
http://www.vupen.com/english/advisories/2007/0919
|
|