DUware DUamazon Pro Multiple SQL Injection Vulnerabilities

No exploit is required.

The following proof-of-concept URIs are available:
http://www.example.com/DUamazonPro/shops/cat.asp?iCat=19[SQL Inject]
http://www.example.com/DUamazonPro/shops/sub.asp?iSub=18[SQL Inject]
http://www.example.com/DUamazonPro/shops/detail.asp?iPro=34&iSub=17[SQL Inject]
http://www.example.com/DUamazonPro/shops/review.asp?iSub=17&iPro=36[SQL Inject]
http://www.example.com/DUamazonPro/admin/catEdit.asp?iCat=12[SQL Inject]
http://www.example.com/DUamazonPro/admin/catDelete.asp?iCat=13[SQL Inject]
http://www.example.com/DUamazonPro/admin/productEdit.asp?iPro=34&iCat=12[SQL Inject]
http://www.example.com/DUamazonPro/admin/productDelete.asp?iPro=37&iCat=12[SQL Inject]
http://www.example.com/DUamazon/type.asp?iType=1[SQL inject]
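
For defenders reviewing web server logs, the following added example (not part of the original advisory) flags requests to the scripts listed above whose ID parameters are not plain integers. It assumes a combined-format access log and that every ID parameter shown in the URIs is integer-only; the sample log lines are constructed.

```python
import re
from urllib.parse import parse_qsl, urlsplit

# Assumption: every ID parameter shown in the advisory's URIs is integer-only.
# Paths and names are lower-cased because IIS/ASP treat them case-insensitively.
AFFECTED = {
    "/duamazonpro/shops/cat.asp": {"icat"},
    "/duamazonpro/shops/sub.asp": {"isub"},
    "/duamazonpro/shops/detail.asp": {"ipro", "isub"},
    "/duamazonpro/shops/review.asp": {"isub", "ipro"},
    "/duamazonpro/admin/catedit.asp": {"icat"},
    "/duamazonpro/admin/catdelete.asp": {"icat"},
    "/duamazonpro/admin/productedit.asp": {"ipro", "icat"},
    "/duamazonpro/admin/productdelete.asp": {"ipro", "icat"},
    "/duamazon/type.asp": {"itype"},
}

REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[0-9.]+"')
INTEGER = re.compile(r"[0-9]{1,10}")

def suspicious_params(log_line):
    """Return [(param, decoded_value)] for ID parameters that are not integers."""
    m = REQUEST.search(log_line)
    if not m:
        return []
    url = urlsplit(m.group(1))
    params = AFFECTED.get(url.path.lower())
    if params is None:
        return []
    hits = []
    # parse_qsl percent-decodes, so encoded characters are checked in decoded form.
    for name, value in parse_qsl(url.query, keep_blank_values=True):
        if name.lower() in params and not INTEGER.fullmatch(value):
            hits.append((name, value))
    return hits

# Constructed sample log lines (not taken from a real server).
SAMPLE_LOG = [
    '198.51.100.7 - - [01/Jan/2010:10:00:00 +0000] "GET /DUamazonPro/shops/cat.asp?iCat=19 HTTP/1.1" 200 5120',
    '198.51.100.7 - - [01/Jan/2010:10:00:05 +0000] "GET /DUamazonPro/shops/cat.asp?iCat=19%27 HTTP/1.1" 500 312',
    '198.51.100.7 - - [01/Jan/2010:10:00:09 +0000] "GET /duamazonpro/admin/productEdit.asp?iPro=34&iCat=12abc HTTP/1.1" 500 312',
    '198.51.100.7 - - [01/Jan/2010:10:00:12 +0000] "GET /index.asp?iCat=x HTTP/1.1" 200 900',
]

def scan(lines):
    """Return [(line_number, hits)] for every log line with at least one hit."""
    return [(i, h) for i, l in enumerate(lines, 1) if (h := suspicious_params(l))]
```

The same integer-only check, applied in the application before the value reaches a query, rejects these requests at the source.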

Copyright 2010, SecurityFocus