Multiple Sql Injection In Duware Products

Full Version: Multiple Sql Injection In Duware Products

GovernmentSecurity.org > General GSO > Exploit & Vulnerability Mailing List Archives

qcred11

Jun 24 2005, 04:56 PM

QUOTE

Multiple SQL INJECTION in DUWARE Products

Author: Dedi Dwianto
Date: June, 22th 2005

---------------------------------------------------------------------------

Affected software description:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Application : - DUportal PRO ver 3.4.3
- DUamazon Pro ver 3.0 and ver 3.1
- DUpaypal Pro Ver 3.0
- DUforum Ver 3.1
- DUclassmate Ver 1.2
URL : http://www.duresources.com

---------------------------------------------------------------------------

Vulnerabilities:
~~~~~~~~~~~~~~~~

A. DUportal Pro

* http://victim/DUportalPro34/Articles/default.asp?iChannel=2[SQL Inject]&nChannel=Articles

* http://victim/DUportalPro34/Articles/detail.asp?iData=4[SQL
Inject]&iCat=292&iChannel=2&nChannel=Articles

* http://victim/DUportalPro34/home/members.asp?iMem=[SQL Inject]

* http://victim/DUportalPro34/topics/cat.asp?iCat=4[SQL Inject]&iChannel=16&nChannel=Topics

* http://victim/DUportalPro34/Polls/default.asp?iChannel=15[SQL Inject]&nChannel=Polls

* http://victim/DUportalPro34/home/members.asp?iMem=[SQL Inject]

* http://victim/DUportalPro34/admin/members_...val.asp?offset=[SQL Inject]

* http://victim/DUportalPro34/admin/channels....asp?iChannel=7[SQL inject]&nChannel=[Name Module]

B. DUamazon Pro

* http://victim/DUamazonPro/shops/cat.asp?iCat=19[SQL Inject]

* http://victim/DUamazonPro/shops/sub.asp?iSub=18[SQL Inject]

* http://victim/DUamazonPro/shops/detail.asp?iPro=34&iSub=17[SQL Inject]

* http://victim/DUamazonPro/shops/review.asp?iSub=17&iPro=36[SQL Inject]

* http://victim/DUamazonPro/admin/catEdit.asp?iCat=12[SQL Inject]

* http://victim/DUamazonPro/admin/catDelete.asp?iCat=13[SQL Inject]

* http://victim/DUamazonPro/admin/productEdi...iPro=34&iCat=12[SQL Inject]

* http://victim/DUamazonPro/admin/productDel...iPro=37&iCat=12[SQL Inject]

* http://victim/DUamazon/type.asp?iType=1[SQL inject]

C. DUpaypal Pro

* http://victim/DUpaypalPro/shops/cat.asp?iCat=[SQL Inject]

* http://victim/DUpaypalPro/shops/detail.asp?iPro=40[SQL Inject]&iSub=

* http://victim/DUpaypalPro/shops/sub.asp?iSub=[SQL Inject]

* http://victim/DUpaypalPro/admin/catEdit.asp?iCat=[SQL inject]

D. DUforum

* http://victim/DUforum/messages.asp?iMsg=[SQL Inject]248&iFor=6

* http://victim/DUforum/post.asp?iFor=6[SQL Inject]

* http://victim/DUforum/forums.asp?iFor=[SQL Inject]

* http://victim/DUforum/admin/userEdit.asp?id=[SQL Inject]

E. DUclassmate

* http://victim/DUclassmate/default.asp?iState=[SQL Inject]&nState=Florida

* http://victim/DUclassmate/admin/edit.asp?iPro=[SQL Inject]

F. Fix

Vendor allready contacted at 20 June 2005 but no response till now

Link is unavailable

This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.