SQL injection vulnerability in blog.asp in ParsBlogger (Pb) allows remote malicious users to execute arbitrary SQL commands via the wr parameter.
parsblogger parsblogger _nil_