Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
DuwareDuarticle

2 matches found

CVE
CVEadded 2005/12/03 7:0 p.m.88 views

CVE-2005-3976

CVE-2005-3976 describes a SQL injection in DUware products (DUamazon 3.1, DUarticle 1.1, DUclassified 4.2, DUdirectory 3.1/3.0, DUdownload 1.1, DUgallery 3.3, DUnews 1.1, DUpaypal 3.1/Pro 3.0) via the iType parameter in type.asp. The underlying issue is that user-supplied input is used to constru...

7.5CVSS8.3AI score0.01211EPSS
CVE
CVEadded 2006/12/07 1:0 a.m.58 views

CVE-2006-6354

CVE-2006-6354 and related CVEs describe multiple SQL injection vulnerabilities in DuWare DUNews (and DUNews-family) detail.asp, allowing remote attackers to inject SQL via the (1) iNews, (2) iType, or (3) Action parameters. The iType parameter in type.asp is already covered by CVE-2005-3976. The ...

7.5CVSS8.5AI score0.01619EPSS