RSS   Vulnerabilities for 'Duclassmate'   RSS

2006-12-06
 
CVE-2006-6355

CWE-Other
 
 
SQL injection vulnerability in default.asp in DuWare DuClassmate allows remote attackers to execute arbitrary SQL commands via the iCity parameter. NOTE: the iState parameter is already covered by CVE-2005-2049.

 
2005-06-22
 
CVE-2005-2049

 
 
Multiple SQL injection vulnerabilities in DUware DUclassmate 1.2 allow remote attackers to execute arbitrary SQL commands via the (1) iState parameter to default.asp or (2) iPro parameter to edit.asp.

 
2004-12-31
 
CVE-2004-2198

 
 
account.asp in DUware DUclassmate 1.0 through 1.1 allows remote attackers to change the passwords for arbitrary users by modifying the MM_recordId parameter on the "My Account" page.

 

 >>> Vendor: Duware 19 Products
Duclassmate
Duclassified
Duforum
Duportal
Duportal pro
Duamazon pro
Dupaypal pro
Duamazon
Duarticle
Dudirectory
Dudirectory pro
Dudirectory pro sql
Dudownload
Dugallery
Dunews
Dupaypal
Dubanner
Dupoll
Ducalendar

Copyright 2024, cxsecurity.com

 

Back to Top