Vulnerabilities > CVE-2006-6355 - SQL Injection vulnerability in DUClassmate ICity Parameter
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
SQL injection vulnerability in default.asp in DuWare DuClassmate allows remote attackers to execute arbitrary SQL commands via the iCity parameter. NOTE: the iState parameter is already covered by CVE-2005-2049.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description | DUClassmate 1.x ICity Parameter SQL Injection Vulnerability. CVE-2006-6355. Webapps exploit for asp platform |
id | EDB-ID:30250 |
last seen | 2016-02-03 |
modified | 2006-12-02 |
published | 2006-12-02 |
reporter | Aria-Security Team |
source | https://www.exploit-db.com/download/30250/ |
title | DUClassmate 1.x ICity Parameter SQL Injection Vulnerability |