CVE-2009-3499
BPowerHouse BPLawyerCaseDocuments 1.0 is affected by an SQL injection in employee.aspx via the cat parameter. Root cause: improper handling of user input enabling arbitrary SQL execution by remote attackers. The CVE is supported by multiple sources (NVD, Red Hat, CVE listings) with a Base Score o...