cbcvebase.

Duware Duclassified vulnerabilities

4 known vulnerabilities affecting duware/duclassified.

Total CVEs
4
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
HIGH3MEDIUM1

Vulnerabilities

Page 1 of 1
CVE-2004-2202P3HIGHCVSS 7.5PoCv4.0v4.1+1 more2004-12-31
CVE-2004-2202 [HIGH] CVE-2004-2202: Multiple SQL injection vulnerabilities in DUware DUclassified 4.0 through 4.2 allows remote attacker Multiple SQL injection vulnerabilities in DUware DUclassified 4.0 through 4.2 allows remote attackers to bypass authentication and execute other commands on the server's underlying database via the (1) cat_id or (2) sub_id parameters in adDetail.asp, or (2) the password parameter in the login form.
nvd
CVE-2006-6354P3HIGHCVSS 7.5v4.0v4.1+1 more2006-12-07
CVE-2006-6354 [HIGH] CVE-2006-6354: Multiple SQL injection vulnerabilities in detail.asp in DuWare DuNews allow remote attackers to exec Multiple SQL injection vulnerabilities in detail.asp in DuWare DuNews allow remote attackers to execute arbitrary SQL commands via the (1) iNews, (2) iType, or (3) Action parameter. NOTE: the iType parameter in type.asp is covered by CVE-2005-3976.
nvd
CVE-2005-3976P4HIGHCVSS 7.5v4.22005-12-03
CVE-2005-3976 [HIGH] CVE-2005-3976: SQL injection vulnerability in type.asp, as used in multiple DUware products including (1) DUamazon SQL injection vulnerability in type.asp, as used in multiple DUware products including (1) DUamazon 3.1, (2) DUarticle 1.1, (3) DUclassified 4.2, (4) DUdirectory 3.1 and DUdirectory Pro 3.0 and 3.0 SQL, (5) DUdownload 1.1, (6) DUgallery 3.3, (7) DUnews 1.1, and (8) DUpaypal 3.1 and DUpaypal Pro 3.0, allows remote attackers to execute arbitrary SQL commands via t
nvd
CVE-2004-2199P4MEDIUMCVSS 4.3v4.02004-12-31
CVE-2004-2199 [MEDIUM] CVE-2004-2199: Cross-site scripting (XSS) vulnerability in DUware DUclassified 4.0 allows remote attackers to injec Cross-site scripting (XSS) vulnerability in DUware DUclassified 4.0 allows remote attackers to inject arbitrary web script or HTML via the message text.
nvd
Duware Duclassified vulnerabilities | cvebase