2 matches found
CVE-2006-2132
SQL injection vulnerability in detail.asp in DUclassified allows remote attackers to execute arbitrary SQL commands via the iPro parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2006-2132
CVE-2006-2132 refers to a SQL injection in DUclassified’s detail.asp via the iPro parameter. The vulnerability is exploitable remotely with network access, and the CVSSv2 base score is 6.4 (Medium) with: attack vector NETWORK, require no authentication, and impacts on integrity and availability (...