54 matches found
EUVD-2005-2047
Malware in sbrugna...
EUVD-2005-1227
Malware in sbrugna...
EUVD-2005-4161
Malware in sbrugna...
EUVD-2005-1239
Malware in sbrugna...
DUportal 3.1.2 channel.asp iChannel Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/13288/info DUportal/DUportal SQL are prone to multiple SQL injection vulnerabilities. These issues exist because the application fails to properly sanitize user-supplied input before using it in SQL queries. Successful...
DUportal Pro 3.4 inc_vote.asp Multiple Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/13285/info DUportal Pro is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in SQL queries. A successful exploit could allow an attacke...
DUportal Pro 3.4 search.asp iChannel Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/13285/info DUportal Pro is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in SQL queries. A successful exploit could allow an attacke...
DUportal 3.1.2 type.asp iCat Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/13288/info DUportal/DUportal SQL are prone to multiple SQL injection vulnerabilities. These issues exist because the application fails to properly sanitize user-supplied input before using it in SQL queries. Successful...
DUportal Pro 3.4 default.asp Multiple Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/13285/info DUportal Pro is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in SQL queries. A successful exploit could allow an attacke...
DUportal Pro 3.4 detail.asp Multiple Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/13285/info DUportal Pro is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in SQL queries. A successful exploit could allow an attacke...
DUportal Pro 3.4 result.asp Multiple Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/13285/info DUportal Pro is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in SQL queries. A successful exploit could allow an attacke...
DUware DUportal 3.4.3 Pro Multiple SQL Injection Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/14029/info DUportal Pro is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. Successful...
DUportal 3.1.2 inc_poll_voting.asp DAT_PARENT Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/13288/info DUportal/DUportal SQL are prone to multiple SQL injection vulnerabilities. These issues exist because the application fails to properly sanitize user-supplied input before using it in SQL queries. Successful...
DUportal Pro 3.4 cat.asp Multiple Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/13285/info DUportal Pro is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in SQL queries. A successful exploit could allow an attacke...
DUportal 3.1.2 inc_rating.asp Multiple Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/13288/info DUportal/DUportal SQL are prone to multiple SQL injection vulnerabilities. These issues exist because the application fails to properly sanitize user-supplied input before using it in SQL queries. Successful...
aria-portal.txt
Aria-Security Team Advisory Original Advisory: http://www.aria-security.com/forum/showthread.php?t=63 ----------------------------------------------------------- Software: DuPortal Pro 3.4 Method: SQL Injection Vendor: http://duware.com PoC:...
[Aria-Security Team] DuWare DuPortal SQL Injection Vuln
Aria-Security Team Advisory www.Aria-security.Com For English www.Aria-Security.net For Persian Original Advisory: http://www.aria-security.com/forum/showthread.php?t=63 ----------------------------------------------------------- Software: DuPortal Pro 3.4 Method: SQL Injection Vendor:...
SQL Injection On DUportal
Proof of Concept: /News/cat.asp?iCat=' SQL INJECTION&iChannel=1&nChannel=News /Articles/cat.asp?iCat=' SQL INJECTION&iChannel=2&nChannel=Articles /Pictures/cat.asp?iCat=' SQL INJECTION&iChannel=3&nChannel=Pictures Original advisory:http://www.aria-security.net/advisory/duportal.txt...
CVE-2005-4166
Cross-site scripting XSS vulnerability in password.asp in DUWare DUportal Pro 3.4.3 allows remote attackers to inject arbitrary web script or HTML via the result parameter...
CVE-2005-4166
The CVE-2005-4166 entry documents a Cross-site Scripting (XSS) vulnerability in DUWare DUportal Pro 3.4.3, exploitable via the result parameter in password.asp. The affected component is password.asp within DUportal Pro 3.4.3; the root cause is input handling allowing script/HTML injection. The p...