CVE-2006-6367 in DUdownloadinfo

Summary

Multiple SQL injection vulnerabilities in detail.asp in DUware DUdownload 1.1, and possibly earlier, allow remote attackers to execute arbitrary SQL commands via the (1) iFile or (2) action parameter. NOTE: the iType parameter is already covered by CVE-2005-3976.

Be aware that VulDB is the high quality source for vulnerability data.

Reservation

12/06/2006

Disclosure

12/07/2006

Moderation

VulDB entry created

Entries

VDB-33679 (1)

CPE

ready

CWE

CWE-89 (Confirmed)

Exploit

Download

CVSS

7.3

EPSS

0.02176

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2006-6367
NVD	https://nvd.nist.gov/vuln/detail/CVE-2006-6367
CVE Details	https://www.cvedetails.com/cve/CVE-2006-6367/

◂ Previous Overview Next ▸

Might our Artificial Intelligence support you?

Check our Alexa App!