CVE-2006-6194 Information

Description

Multiple SQL injection vulnerabilities in index.asp in Ultimate Survey Pro allow remote attackers to execute arbitrary SQL commands via the (1) cat or (2) did parameter.

Reference

http://securityreason.com/securityalert/1936 http://www.aria-security.com/forum/showthread.php?t=38 http://www.securityfocus.com/archive/1/452554/100/0/threaded http://www.vupen.com/english/advisories/2006/4706 https://exchange.xforce.ibmcloud.com/vulnerabilities/30499