Bilboblog version 2.1 suffers from SQL injection, cross site scripting, and login bypass vulnerabilities.