CVE-2007-4085 Information

Description

Multiple SQL injection vulnerabilities in AlstraSoft AskMe Pro allow remote attackers to execute arbitrary SQL commands via the (1) que_id parameter to forum_answer.php or (2) the cat_id parameter to search.php.

Reference

http://lostmon.blogspot.com/2007/07/alstrasoft-multiple-products-multiple.html http://osvdb.org/37095 http://osvdb.org/37096 http://osvdb.org/46166