RSS   Vulnerabilities for 'Duamazon pro'   RSS

2005-06-22
 
CVE-2005-2046

 

 
Multiple SQL injection vulnerabilities in DUware DUamazon Pro 3.0 and 3.1 allow remote attackers to execute arbitrary SQL commands via the (1) iCat parameter to cat.asp, (2) iSub parameter to sub.asp, (3) iSub parameter to detail.asp, (4) iPro parameter to review.asp, iCat parameter to (5) catEdit.asp, (6) catDelete.asp, (7) productEdit.asp, or (8) productDelete.asp, or (9) iType parameter to type.asp.

 

 >>> Vendor: Duware 19 Products
Duclassmate
Duclassified
Duforum
Duportal
Duportal pro
Duamazon pro
Dupaypal pro
Duamazon
Duarticle
Dudirectory
Dudirectory pro
Dudirectory pro sql
Dudownload
Dugallery
Dunews
Dupaypal
Dubanner
Dupoll
Ducalendar


Copyright 2024, cxsecurity.com

 

Back to Top