Known Vulnerabilities for products from Duware
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Duware".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2008-2868 json | SQL injection vulnerability in detail.asp in DUware DUcalendar 1.0 and possibly earlier allows remote attackers to execute ar... | Not Provided | 2008-06-26 | 2026-04-23 |
| CVE-2006-6455 json | Multiple SQL injection vulnerabilities in admin/default.asp in DUware DUdirectory 3.1, and possibly DUdirectory Pro and Pro S... | Not Provided | 2006-12-10 | 2026-04-23 |
| CVE-2006-6367 json | Multiple SQL injection vulnerabilities in detail.asp in DUware DUdownload 1.1, and possibly earlier, allow remote attackers t... | Not Provided | 2006-12-07 | 2026-04-23 |
| CVE-2006-6365 json | SQL injection vulnerability in detail.asp in DUware DUpaypal 3.1, and possibly earlier, allows remote attackers to execute ar... | Not Provided | 2006-12-07 | 2026-04-23 |
| CVE-2006-6355 json | SQL injection vulnerability in default.asp in DuWare DuClassmate allows remote attackers to execute arbitrary SQL commands vi... | Not Provided | 2006-12-07 | 2026-04-23 |
| CVE-2006-6354 json | Multiple SQL injection vulnerabilities in detail.asp in DuWare DuNews allow remote attackers to execute arbitrary SQL command... | Not Provided | 2006-12-07 | 2026-04-23 |
| CVE-2006-4487 json | DUware DUpoll 3.0 and 3.1 stores _private/Dupoll.mdb under the web document root with insufficient access control, which allo... | 5 - MEDIUM | 2006-08-31 | 2018-10-17 |
| CVE-2006-2428 json | add.asp in DUware DUbanner 3.1 allows remote attackers to execute arbitrary code by uploading files with arbitrary extensions... | 7.5 - HIGH | 2006-05-17 | 2024-01-26 |
| CVE-2006-2302 json | SQL injection vulnerability in admin_default.asp in DUGallery 2.x allows remote attackers to execute arbitrary SQL commands v... | Not Provided | 2006-05-11 | 2025-04-03 |
| CVE-2006-2132 json | SQL injection vulnerability in detail.asp in DUclassified allows remote attackers to execute arbitrary SQL commands via the i... | Not Provided | 2006-05-01 | 2025-04-03 |
| CVE-2005-4166 json | Cross-site scripting (XSS) vulnerability in password.asp in DUWare DUportal Pro 3.4.3 allows remote attackers to inject arbit... | Not Provided | 2005-12-11 | 2025-04-03 |
| CVE-2005-3976 json | SQL injection vulnerability in type.asp, as used in multiple DUware products including (1) DUamazon 3.1, (2) DUarticle 1.1, (... | Not Provided | 2005-12-03 | 2025-04-03 |
| CVE-2005-2049 json | Multiple SQL injection vulnerabilities in DUware DUclassmate 1.2 allow remote attackers to execute arbitrary SQL commands via... | Not Provided | 2005-06-22 | 2025-04-03 |
| CVE-2005-2048 json | Multiple SQL injection vulnerabilities in DUware DUforum 3.1, and possibly other versions, allow remote attackers to execute ... | Not Provided | 2005-06-22 | 2025-04-03 |
| CVE-2005-2047 json | Multiple SQL injection vulnerabilities in DUware DUpaypal Pro 3.0 allow remote attackers to execute arbitrary SQL commands vi... | Not Provided | 2005-06-22 | 2025-04-03 |
| CVE-2005-2046 json | Multiple SQL injection vulnerabilities in DUware DUamazon Pro 3.0 and 3.1 allow remote attackers to execute arbitrary SQL com... | Not Provided | 2005-06-22 | 2025-04-03 |
| CVE-2005-2045 json | Multiple SQL injection vulnerabilities in DUware DUportal PRO 3.4.3 allow remote attackers to execute arbitrary SQL commands ... | Not Provided | 2005-06-22 | 2025-04-03 |
| CVE-2005-1236 json | Multiple SQL injection vulnerabilities in DUware DUportal 3.1.2 and 3.1.2 SQL allow remote attackers to execute arbitrary SQL... | Not Provided | 2005-05-02 | 2025-04-03 |
| CVE-2005-1224 json | Multiple SQL injection vulnerabilities in DUware DUportal Pro 3.4 allow remote attackers to execute arbitrary SQL commands vi... | Not Provided | 2005-05-02 | 2025-04-03 |
| CVE-2004-2202 json | Multiple SQL injection vulnerabilities in DUware DUclassified 4.0 through 4.2 allows remote attackers to bypass authenticatio... | Not Provided | 2004-12-31 | 2025-04-03 |