6 matches found
EUVD-2006-6337
Malware in sbrugna...
CVE-2006-6354
Multiple SQL injection vulnerabilities in detail.asp in DuWare DuNews allow remote attackers to execute arbitrary SQL commands via the 1 iNews, 2 iType, or 3 Action parameter. NOTE: the iType parameter in type.asp is covered by CVE-2005-3976...
CVE-2006-6354
Multiple SQL injection vulnerabilities in detail.asp in DuWare DuNews allow remote attackers to execute arbitrary SQL commands via the 1 iNews, 2 iType, or 3 Action parameter. NOTE: the iType parameter in type.asp is covered by CVE-2005-3976...
CVE-2006-6354
CVE-2006-6354 and related CVEs describe multiple SQL injection vulnerabilities in DuWare DUNews (and DUNews-family) detail.asp, allowing remote attackers to inject SQL via the (1) iNews, (2) iType, or (3) Action parameters. The iType parameter in type.asp is already covered by CVE-2005-3976. The ...
aria-dunews.txt
Aria-Security Team Advisory Original Advisory: http://www.aria-security.com/forum/showthread.php?t=61 ----------------------------------------------------------- Software: DuNews Method: SQL Injection Vendor: http://www.duware.com/ PoC: http://target/type.asp?iType=SQL Injection...
[Aria-Security Team] DuWare DuNews SQL Injection Vuln
Aria-Security Team Advisory www.Aria-security.Com For English www.Aria-Security.net For Persian Original Advisory: http://www.aria-security.com/forum/showthread.php?t=61 ----------------------------------------------------------- Software: DuNews Method: SQL Injection Vendor: http://www.duware.co...