0.4.beta.1

DATE	CVE	VULNERABILITY TITLE	RISK
2008-07-10	CVE-2008-3129	SQL Injection vulnerability in Catviz 0.4Beta1 Multiple SQL injection vulnerabilities in index.php in Catviz 0.4 beta 1 allow remote attackers to execute arbitrary SQL commands via the (1) foreign_key_value parameter in the news page and (2) webpage parameter in the webpage_multi_edit form. network low complexity catviz CWE-89	7.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.