SQL injection vulnerability in BlognPlus (BURO GUN +) 2.5.4 and earlier MySQL and PostgreSQL editions allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
https://exchange.xforce.ibmcloud.com/vulnerabilities/43136
http://www.securityfocus.com/bid/29764
http://www.blogn.org/index.php?e=170