Vulnerabilities > CVE-2006-2132 - SQL Injection vulnerability in DUclassified Detail.ASP

047910
CVSS 6.4 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
duware
exploit available
NVD
Published: 2006-05-01
Updated: 2008-09-05

Summary

SQL injection vulnerability in detail.asp in DUclassified allows remote attackers to execute arbitrary SQL commands via the iPro parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Vulnerable Configurations

Part Description Count
Application
Duware
1

Exploit-Db

descriptionDUclassified Detail.ASP SQL Injection Vulnerability. CVE-2006-2132. Webapps exploit for asp platform
idEDB-ID:27757
last seen2016-02-03
modified2006-04-28
published2006-04-28
reportersadegh.sarshogh
sourcehttps://www.exploit-db.com/download/27757/
titleDUclassified Detail.ASP SQL Injection Vulnerability

References