Unrated severityNVD Advisory· Published Dec 3, 2005· Updated Apr 16, 2026

CVE-2005-3976

Description

SQL injection vulnerability in type.asp, as used in multiple DUware products including (1) DUamazon 3.1, (2) DUarticle 1.1, (3) DUclassified 4.2, (4) DUdirectory 3.1 and DUdirectory Pro 3.0 and 3.0 SQL, (5) DUdownload 1.1, (6) DUgallery 3.3, (7) DUnews 1.1, and (8) DUpaypal 3.1 and DUpaypal Pro 3.0, allows remote attackers to execute arbitrary SQL commands via the iType parameter.

Affected products

Duware/Duamazon
cpe:2.3:a:duware:duamazon:3.1:*:*:*:*:*:*:*
Duware/Duarticle
cpe:2.3:a:duware:duarticle:1.1:*:*:*:*:*:*:*
Duware/Duclassified
cpe:2.3:a:duware:duclassified:4.2:*:*:*:*:*:*:*
Duware/Dudirectory
cpe:2.3:a:duware:dudirectory:3.1:*:*:*:*:*:*:*
Duware/Dudirectory Pro
cpe:2.3:a:duware:dudirectory_pro:3.0:*:*:*:*:*:*:*
Duware/Dudirectory Pro SQL
cpe:2.3:a:duware:dudirectory_pro_sql:3.0:*:*:*:*:*:*:*
Duware/Dudownload
cpe:2.3:a:duware:dudownload:1.1:*:*:*:*:*:*:*
Duware/Dugallery
cpe:2.3:a:duware:dugallery:3.3:*:*:*:*:*:*:*
Duware/Dunews
cpe:2.3:a:duware:dunews:1.1:*:*:*:*:*:*:*
Duware/Dupaypal
cpe:2.3:a:duware:dupaypal:3.1:*:*:*:*:*:*:*
Duware/Dupaypal Pro
cpe:2.3:a:duware:dupaypal_pro:3.0:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/17835nvdVendor Advisory
www.osvdb.org/21385nvd
www.securityfocus.com/bid/15681nvd
www.vupen.com/english/advisories/2005/2700nvd
exchange.xforce.ibmcloud.com/vulnerabilities/30673nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000