SQL injection vulnerability in type.asp, as used in multiple DUware products including (1) DUamazon 3.1, (2) DUarticle 1.1, (3) DUclassified 4.2, (4) DUdirectory 3.1 and DUdirectory Pro 3.0 and 3.0 SQL, (5) DUdownload 1.1, (6) DUgallery 3.3, (7) DUnews 1.1, and (8) DUpaypal 3.1 and DUpaypal Pro 3.0, allows remote malicious users to execute arbitrary SQL commands via the iType parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
duware duarticle 1.1 |
||
duware duclassified 4.2 |
||
duware dupaypal 3.1 |
||
duware dupaypal pro 3.0 |
||
duware dudirectory pro sql 3.0 |
||
duware dudownload 1.1 |
||
duware duamazon 3.1 |
||
duware dugallery 3.3 |
||
duware dunews 1.1 |
||
duware dudirectory 3.1 |
||
duware dudirectory pro 3.0 |