Vulnerabilities > Duware

DATE CVE VULNERABILITY TITLE RISK
2004-12-31 CVE-2004-2200 Remote vulnerability in DUware Software
Cross-site scripting (XSS) vulnerability in DUware DUforum 3.0 through 3.1 allows remote attackers to inject arbitrary web script or HTML via via the message text.
network
duware
4.3
2004-12-31 CVE-2004-2199 Remote vulnerability in Duware Duclassified 4.0
Cross-site scripting (XSS) vulnerability in DUware DUclassified 4.0 allows remote attackers to inject arbitrary web script or HTML via the message text.
network
duware
4.3
2004-12-31 CVE-2004-2198 Remote vulnerability in DUware Software
account.asp in DUware DUclassmate 1.0 through 1.1 allows remote attackers to change the passwords for arbitrary users by modifying the MM_recordId parameter on the "My Account" page.
network
low complexity
duware
6.4