DUware DUclassmate Multiple SQL Injection Vulnerabilities

DUware DUclassmate Multiple SQL Injection Vulnerabilities

No exploit is required.

The following proof-of-concept URIsare available:

http://www.example.com/DUclassmate/default.asp?iState=[SQL Inject]&nState=Florida
http://www.example.com/DUclassmate/admin/edit.asp?iPro=[SQL Inject]