TUCoPS :: Web :: CMS / Portals :: c07-1115.htm

DuWare DuPortal SQL Injection Vuln
DuWare DuPortal SQL Injection Vuln
DuWare DuPortal SQL Injection Vuln


#Aria-Security Team Advisory
# For English > 
# For Persian > 
#Original Advisory:
#http://www.aria-security.com/forum/showthread.php?t=63 
#-----------------------------------------------------------
#Software: DuPortal Pro 3.4
#Method: SQL Injection 
#Vendor: http://duware.com 
#
#PoC:
#http://target/DUportalPro34Demo/Pictures/default.asp?iChannel=1&nChannel=[SQL Injection] 
#http://target/DUportalPro34Demo/Pictures/default.asp?iChannel=[SQL Injection] 
#http://target/DUportalPro34Demo/Files/cat.asp?iCat=[SQL Injection] 
#http://target/DUportalPro34Demo/Files/cat.asp?iCat=202&iChannel=[SQL Injection] 
#
#Contact: Advisory@aria-security.net

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH