Duware » Duclassified : Security Vulnerabilities, CVEs, Published In 2006 (Sql injection)
Multiple SQL injection vulnerabilities in detail.asp in DuWare DuNews allow remote attackers to execute arbitrary SQL commands via the (1) iNews, (2) iType, or (3) Action parameter. NOTE: the iType parameter in type.asp is covered by CVE-2005-3976.
Max CVSS
7.5
EPSS Score
0.48%
Published
2006-12-07
Updated
2018-10-17
SQL injection vulnerability in detail.asp in DUclassified allows remote attackers to execute arbitrary SQL commands via the iPro parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Max CVSS
6.4
EPSS Score
0.30%
Published
2006-05-01
Updated
2008-09-05
2 vulnerabilities found