cpe:/a:kvaliitti:webdoc_cms:3.0 CVE-2007-6491 2007-12-20T15:46:00.000-05:00 2008-11-15T02:04:48.610-05:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2007-12-21T10:20:00.000-05:00 BUGTRAQ 20071207 Kvaliitti WebDoc 3.0 CMS SQL Injection vulnerability SREASON 3473 OSVDB 43709 OSVDB 43710 Multiple SQL injection vulnerabilities in Kvaliitti WebDoc 3.0 CMS allow remote attackers to execute arbitrary SQL commands via (1) the cat_id parameter to categories.asp; and probably (2) the document_id parameter to categories.asp, and the (3) cat_id and (4) document_id parameters to subcategory.asp.