9 matches found
EUVD-2005-2049
Malware in sbrugna...
DUware DUpaypal 3.0/3.1 detail.asp iPro Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/14034/info DUpaypal Pro is prone to multiple SQL-injection vulnerabilities because the fails application to properly sanitize user-supplied input before using it in SQL queries. A successful exploit could allow an attacke...
DUware DUpaypal 3.0/3.1 sub.asp iSub Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/14034/info DUpaypal Pro is prone to multiple SQL-injection vulnerabilities because the fails application to properly sanitize user-supplied input before using it in SQL queries. A successful exploit could allow an attacke...
DUpaypal Pro Multiple Scripts SQL Injection
The remote host is running DUpaypal Pro, an ASP-based storefront from DUware for Paypal. The installed version of DUpaypal Pro fails to properly sanitize user- supplied input in several instances before using it in SQL queries. By exploiting these flaws, an attacker can affect database queries,...
Echo Security Advisory 2005.19
--------------------------------------------------------------------------- ECHOADV19$2005 Multiple SQL INJECTION in DUWARE Products --------------------------------------------------------------------------- Author: Dedi Dwianto Date: June, 22th 2005 Location: Indonesia, Jakarta Web:...
CVE-2005-2047
Multiple SQL injection vulnerabilities in DUware DUpaypal Pro 3.0 allow remote attackers to execute arbitrary SQL commands via the 1 iCat parameter to cat.asp, 2 iPro parameter to detail.asp, 3 iSub parameter to sub.asp, 4 iCat parameter to catEdit.asp...
CVE-2005-2047
Multiple SQL injection vulnerabilities in DUware DUpaypal Pro 3.0 allow remote attackers to execute arbitrary SQL commands via the 1 iCat parameter to cat.asp, 2 iPro parameter to detail.asp, 3 iSub parameter to sub.asp, 4 iCat parameter to catEdit.asp...
CVE-2005-2047
Affected product: DUware DUpaypal Pro (3.0; 3.1 noted in related CVEs) is affected by multiple SQL injection vulnerabilities. Vulnerability: Improper sanitization of user-supplied input enables remote attackers to craft SQL queries via specific parameters and pages: iCat to cat.asp (and catEdit.a...
[ECHO_ADV_19$2005] Multiple SQL INJECTION in DUWARE Products
--------------------------------------------------------------------------- ECHOADV19$2005 Multiple SQL INJECTION in DUWARE Products --------------------------------------------------------------------------- Author: Dedi Dwianto Date: June, 22th 2005 Location: Indonesia, Jakarta Web:...