SQL Injection Vulnerabilities in DUware DUclassmate 1.2

CVE-2005-2049 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Multiple SQL injection vulnerabilities in DUware DUclassmate 1.2 allow remote attackers to execute arbitrary SQL commands via the (1) iState parameter to default.asp or (2) iPro parameter to edit.asp.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.