Home page logo
/

bugtraq logo Bugtraq mailing list archives

[Aria-Security Team] DuWare DuPortal SQL Injection Vuln
From: Advisory () Aria-Security Net
Date: 2 Dec 2006 00:40:33 -0000

#Aria-Security Team Advisory
#<www.Aria-security.Com For English >
#<www.Aria-Security.net For Persian >
#Original Advisory:
#http://www.aria-security.com/forum/showthread.php?t=63
#-----------------------------------------------------------
#Software: DuPortal Pro 3.4
#Method: SQL Injection 
#Vendor: http://duware.com
#
#PoC:
#http://target/DUportalPro34Demo/Pictures/default.asp?iChannel=1&nChannel=[SQL Injection]
#http://target/DUportalPro34Demo/Pictures/default.asp?iChannel=[SQL Injection]
#http://target/DUportalPro34Demo/Files/cat.asp?iCat=[SQL Injection]
#http://target/DUportalPro34Demo/Files/cat.asp?iCat=202&iChannel=[SQL Injection]
#
#Contact: Advisory () aria-security net


  By Date           By Thread  

Current thread:
  • [Aria-Security Team] DuWare DuPortal SQL Injection Vuln Advisory (Dec 02)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault