SQL injection vulnerability in detail.asp in DUware DUpaypal 3.1, and possibly earlier, allows remote malicious users to execute arbitrary SQL commands via the iType parameter. NOTE: the iState parameter is already covered by CVE-2005-3976 and the iPro parameter is already covered by CVE-2005-2047.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
duware dupaypal 3.1 |
||
duware dupaypal pro_3.0 |
||
duware dupaypal 3.0 |
||
duware dupaypal pro_3.1 |