Duware Duamazon vulnerabilities
2 known vulnerabilities affecting duware/duamazon.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH2
Vulnerabilities
Page 1 of 1
CVE-2006-6354P3HIGHCVSS 7.5v3.0v3.12006-12-07
CVE-2006-6354 [HIGH] CVE-2006-6354: Multiple SQL injection vulnerabilities in detail.asp in DuWare DuNews allow remote attackers to exec
Multiple SQL injection vulnerabilities in detail.asp in DuWare DuNews allow remote attackers to execute arbitrary SQL commands via the (1) iNews, (2) iType, or (3) Action parameter. NOTE: the iType parameter in type.asp is covered by CVE-2005-3976.
nvd
CVE-2005-3976P4HIGHCVSS 7.5v3.12005-12-03
CVE-2005-3976 [HIGH] CVE-2005-3976: SQL injection vulnerability in type.asp, as used in multiple DUware products including (1) DUamazon
SQL injection vulnerability in type.asp, as used in multiple DUware products including (1) DUamazon 3.1, (2) DUarticle 1.1, (3) DUclassified 4.2, (4) DUdirectory 3.1 and DUdirectory Pro 3.0 and 3.0 SQL, (5) DUdownload 1.1, (6) DUgallery 3.3, (7) DUnews 1.1, and (8) DUpaypal 3.1 and DUpaypal Pro 3.0, allows remote attackers to execute arbitrary SQL commands via t
nvd