Vulnerabilities > Duware > Duclassified > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2006-05-01 | CVE-2006-2132 | SQL Injection vulnerability in DUclassified Detail.ASP SQL injection vulnerability in detail.asp in DUclassified allows remote attackers to execute arbitrary SQL commands via the iPro parameter. | 6.4 |
| 2004-12-31 | CVE-2004-2199 | Remote vulnerability in Duware Duclassified 4.0 Cross-site scripting (XSS) vulnerability in DUware DUclassified 4.0 allows remote attackers to inject arbitrary web script or HTML via the message text. network duware | 4.3 |