EUVD-2005-2048

Malware in sbrugna...

DUware DUamazon Pro 3.0/3.1 productEdit.asp iCat Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/14033/info DUamazon Pro is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. Successful...

DUware DUamazon Pro 3.0/3.1 detail.asp iSub Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/14033/info DUamazon Pro is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. Successful...

DUware DUamazon Pro 3.0/3.1 catDelete.asp iCat Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/14033/info DUamazon Pro is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. Successful...

DUware DUamazon Pro 3.0/3.1 type.asp iType Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/14033/info DUamazon Pro is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. Successful...

DUware DUamazon Pro 3.0/3.1 productDelete.asp iCat Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/14033/info DUamazon Pro is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. Successful...

DUware DUamazon Pro 3.0/3.1 review.asp iPro Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/14033/info DUamazon Pro is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. Successful...

DUamazon Pro Multiple Scripts SQL Injection

The remote host is running DUamazon Pro, an ASP-based storefront from DUware for Amazon affiliates. The installed version of DUamazon Pro fails to properly sanitize user- supplied input in several instances before using it in SQL queries. By exploiting these flaws, an attacker can affect database...

Echo Security Advisory 2005.19

--------------------------------------------------------------------------- ECHOADV19$2005 Multiple SQL INJECTION in DUWARE Products --------------------------------------------------------------------------- Author: Dedi Dwianto Date: June, 22th 2005 Location: Indonesia, Jakarta Web:...

CVE-2005-2046

CVE-2005-2046 affects DUware DUamazon Pro 3.0 and 3.1 (ASP storefront). The vulnerability consists of multiple SQL injection flaws where attacker-controlled input in various parameters (iCat, iSub, iPro, and iType across cat.asp, sub.asp, detail.asp, review.asp, catEdit.asp, catDelete.asp, produc...

CVE-2005-2046

Multiple SQL injection vulnerabilities in DUware DUamazon Pro 3.0 and 3.1 allow remote attackers to execute arbitrary SQL commands via the 1 iCat parameter to cat.asp, 2 iSub parameter to sub.asp, 3 iSub parameter to detail.asp, 4 iPro parameter to review.asp, iCat parameter to 5 catEdit.asp, 6...

CVE-2005-2046

Multiple SQL injection vulnerabilities in DUware DUamazon Pro 3.0 and 3.1 allow remote attackers to execute arbitrary SQL commands via the 1 iCat parameter to cat.asp, 2 iSub parameter to sub.asp, 3 iSub parameter to detail.asp, 4 iPro parameter to review.asp, iCat parameter to 5 catEdit.asp, 6...

DUware DUamazon Pro 3.0/3.1 - 'detail.asp?iSub' SQL Injection

source: https://www.securityfocus.com/bid/14033/info DUamazon Pro is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. Successful exploitation could result in a compromise ...

DUware DUamazon Pro 3.03.1 - productDelete.asp?iCat SQL Injection

DUware DUamazon Pro 3.03.1 - productDelete.asp?iCat SQL Injection source: https://www.securityfocus.com/bid/14033/info DUamazon Pro is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in...

[ECHO_ADV_19$2005] Multiple SQL INJECTION in DUWARE Products

--------------------------------------------------------------------------- ECHOADV19$2005 Multiple SQL INJECTION in DUWARE Products --------------------------------------------------------------------------- Author: Dedi Dwianto Date: June, 22th 2005 Location: Indonesia, Jakarta Web:...

DUware DUamazon Pro 3.0/3.1 - 'productEdit.asp?iCat' SQL Injection

source: https://www.securityfocus.com/bid/14033/info DUamazon Pro is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. Successful exploitation could result in a compromise ...

DUware DUamazon Pro 3.0/3.1 - 'catDelete.asp?iCat' SQL Injection

source: https://www.securityfocus.com/bid/14033/info DUamazon Pro is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. Successful exploitation could result in a compromise ...

DUware DUamazon Pro 3.0/3.1 - 'type.asp?iType' SQL Injection

source: https://www.securityfocus.com/bid/14033/info DUamazon Pro is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. Successful exploitation could result in a compromise ...