SQL injection vulnerability in the heme preview feature for default.asp in BP Blog 7.0 through 7.0.2 allows remote attackers to execute arbitrary SQL commands via the layout parameter.
https://www.exploit-db.com/exploits/3466
http://www.vupen.com/english/advisories/2007/0919