cpe:/a:vu:case_manager CVE-2007-6168 2007-11-28T20:46:00.000-05:00 2011-03-07T22:02:04.953-05:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2007-11-29T11:36:00.000-05:00 BUGTRAQ 20071121 [Aria-Security.Net] VU Case Manager "Username/Password" SQL Injection BID 26643 SECUNIA 27779 VUPEN ADV-2007-3967 SQL injection vulnerability in default.asp in VU Case Manager allows remote attackers to execute arbitrary SQL commands via the username parameter, a different vector than CVE-2007-6143. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.