Duware CVEs and Security Vulnerabilities

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2006-6455	1 Duware	1 Dudirectory	2025-04-09	N/A
Multiple SQL injection vulnerabilities in admin/default.asp in DUware DUdirectory 3.1, and possibly DUdirectory Pro and Pro SQL 3.x, allow remote attackers to execute arbitrary SQL commands via the (1) Username or (2) Password parameter. NOTE: some of these details are obtained from third party information.
CVE-2006-6367	1 Duware	3 Dudownload, Dunews, Dupaypal	2025-04-09	N/A
Multiple SQL injection vulnerabilities in detail.asp in DUware DUdownload 1.1, and possibly earlier, allow remote attackers to execute arbitrary SQL commands via the (1) iFile or (2) action parameter. NOTE: the iType parameter is already covered by CVE-2005-3976.
CVE-2008-2868	1 Duware	1 Ducalendar	2025-04-09	N/A
SQL injection vulnerability in detail.asp in DUware DUcalendar 1.0 and possibly earlier allows remote attackers to execute arbitrary SQL commands via the iEve parameter.

« first previous Page 2 of 2.