CVE-2005-0854

Name of the Vulnerable Software and Affected Versions betaparticle blog (bp blog) versions prior to 4

Description The issue allows remote attackers to bypass authentication. This can lead to two main consequences: (1) uploading files via a direct request to "upload.asp" (2) deleting files via a direct request to "myFiles.asp".

Recommendations For versions prior to 4, as a temporary workaround, consider restricting access to the "upload.asp" and "myFiles.asp" endpoints until a patch is available. Avoid using these endpoints in your workflow until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.