The Net Guys: >> Aspired2blog Security Vulnerabilities
SQL injection vulnerability in admin/blog_comments.asp in The Net Guys ASPired2Blog allows remote attackers to execute arbitrary SQL commands via the BlogID parameter.
CVSS Score
7.5
EPSS Score
0.002
Published
2009-01-21
The Net Guys ASPired2Blog stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing usernames and passwords via a direct request for admin/blog.mdb. NOTE: some of these details are obtained from third party information.
CVSS Score
5.0
EPSS Score
0.028
Published
2009-01-21