QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2004-2202

Back to search

CVE-2004-2202

Published: Jul 10, 2005

Modified: Aug 8, 2024

PUBLISHED

Description

Multiple SQL injection vulnerabilities in DUware DUclassified 4.0 through 4.2 allows remote attackers to bypass authentication and execute other commands on the server's underlying database via the (1) cat_id or (2) sub_id parameters in adDetail.asp, or (2) the password parameter in the login form.

VendorProductVersions

n/a

n/a

affected
n/a

References

11363
vdb-entry
x_refsource_BID
10669
vdb-entry
x_refsource_OSVDB
10668
vdb-entry
x_refsource_OSVDB
1011596
vdb-entry
x_refsource_SECTRACK

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now