14 matches found
EUVD-2005-4161
Malware in sbrugna...
EUVD-2005-2047
Malware in sbrugna...
EUVD-2005-1227
Malware in sbrugna...
EUVD-2005-1239
Malware in sbrugna...
CVE-2005-4166
Cross-site scripting XSS vulnerability in password.asp in DUWare DUportal Pro 3.4.3 allows remote attackers to inject arbitrary web script or HTML via the result parameter...
CVE-2005-4166
Cross-site scripting XSS vulnerability in password.asp in DUWare DUportal Pro 3.4.3 allows remote attackers to inject arbitrary web script or HTML via the result parameter...
CVE-2005-2045
CVE-2005-2045 concerns multiple SQL injection flaws in DUportal Pro 3.4.3 from DUware. The product does not properly sanitize user input before using it in SQL queries, enabling remote attackers to affect database queries. Affected parameters include (1) iChannel to default.asp, (2) iData to deta...
CVE-2005-2045
Multiple SQL injection vulnerabilities in DUware DUportal PRO 3.4.3 allow remote attackers to execute arbitrary SQL commands via the 1 iChannel parameter to default.asp, 2 iData parameter to detail.asp, 3 iMem parameter to members.asp, 4 iCat parameter to cat.asp, 5 offset parameter to...
CVE-2005-1236
Multiple SQL injection vulnerabilities in DUware DUportal 3.1.2 and 3.1.2 SQL allow remote attackers to execute arbitrary SQL commands via the 1 iChannel parameter to channel.asp or search.asp, 2 iData parameter to detail.asp or incrating.asp, 3 iCat parameter to detail.asp or type.asp, 4 DATPARE...
CVE-2005-1224
Multiple SQL injection vulnerabilities in DUware DUportal Pro 3.4 allow remote attackers to execute arbitrary SQL commands via the 1 nChannel parameter to default.asp, cat.asp, or detail.asp, 2 the iChannel parameter to search.asp, default.asp, result.asp, cat.asp, or detail.asp 3 the iCat...
CVE-2005-1236
CVE-2005-1236 affects DUportal DUportal 3.1.2 (and related 3.1.2 SQL) with multiple SQL injection vectors (iChannel to channel.asp/search.asp; iData to detail.asp/inc_rating.asp; iCat to detail.asp/type.asp; DAT_PARENT to inc_poll_voting.asp; iRate to inc_rating.asp). Root cause: improper input h...
CVE-2005-1236
Multiple SQL injection vulnerabilities in DUware DUportal 3.1.2 and 3.1.2 SQL allow remote attackers to execute arbitrary SQL commands via the 1 iChannel parameter to channel.asp or search.asp, 2 iData parameter to detail.asp or incrating.asp, 3 iCat parameter to detail.asp or type.asp, 4 DATPARE...
CVE-2005-1224
DUportal/DUportal Pro (versions 3.4; 3.1.2 and 3.1.2 SQL) are affected by multiple SQL injection vulnerabilities. The flaws allow remote attackers to inject arbitrary SQL via parameters such as nChannel, iChannel, iData, iCat, POL_ID/POL_PARENT/POL_CATEGORY/CHA_NAME/CHA_ID, and tfm_order/tfm_orde...
CVE-2005-1224
Multiple SQL injection vulnerabilities in DUware DUportal Pro 3.4 allow remote attackers to execute arbitrary SQL commands via the 1 nChannel parameter to default.asp, cat.asp, or detail.asp, 2 the iChannel parameter to search.asp, default.asp, result.asp, cat.asp, or detail.asp 3 the iCat...