GCVE - cpe:2.3:a:duware:dupaypal_pro:3.0:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:duware:dupaypal_pro:3.0:*:*:*:*:*:*:*

part: a version: 3.0 update: *

Vendor	Duware (`a7e4dbbd-0fa1-58a2-ad48-648c67f14a28`)
Product	Dupaypal Pro (`b5e92b24-5d1a-5c7d-95ce-bcbce966836a`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2006-6354`	vulnerable	2026-06-03 14:27:52.954035	Details available Multiple SQL injection vulnerabilities in detail.asp in DuWare DuNews allow remote attackers to execute arbitrary SQL commands via the (1) iNews, (2) iType, or (3) Action parameter. NOTE: the iType parameter in type.asp is covered by CVE-2005-3976. Published: 2006-12-07T01:00:00.000Z Updated: 2024-08-07T20:26:45.520Z Open on db.gcve.eu Reference links http://secunia.com/advisories/23228 http://www.aria-security.com/forum/showthread.php?t=61 http://www.securityfocus.com/bid/15681 http://www.vupen.com/english/advisories/2006/4834 http://www.securityfocus.com/archive/1/453317/100/0/threaded	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2005-3976`	vulnerable	2026-06-03 14:27:11.968603	Details available SQL injection vulnerability in type.asp, as used in multiple DUware products including (1) DUamazon 3.1, (2) DUarticle 1.1, (3) DUclassified 4.2, (4) DUdirectory 3.1 and DUdirectory Pro 3.0 and 3.0 SQL, (5) DUdownload 1.1, (6) DUgallery 3.3, (7) DUnews 1.1, and (8) DUpaypal 3.1 and DUpaypal Pro 3.0, allows remote attackers to execute arbitrary SQL commands via the iType parameter. Published: 2005-12-03T19:00:00.000Z Updated: 2024-08-07T23:31:49.013Z Open on db.gcve.eu Reference links http://secunia.com/advisories/17835 http://www.securityfocus.com/bid/15681 http://www.vupen.com/english/advisories/2005/2700 https://exchange.xforce.ibmcloud.com/vulnerabilities/30673 http://www.osvdb.org/21385	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2005-2047`	vulnerable	2026-06-03 14:27:00.917485	Details available Multiple SQL injection vulnerabilities in DUware DUpaypal Pro 3.0 allow remote attackers to execute arbitrary SQL commands via the (1) iCat parameter to cat.asp, (2) iPro parameter to detail.asp, (3) iSub parameter to sub.asp, (4) iCat parameter to catEdit.asp. Published: 2005-06-22T04:00:00.000Z Updated: 2024-08-07T22:15:36.789Z Open on db.gcve.eu Reference links http://marc.info/?l=bugtraq&m=111945219205114&w=2 http://echo.or.id/adv/adv19-theday-2005.txt	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.