Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

vp-asp vp-asp shopping cart vulnerabilities and exploits

(subscribe to this query)
NA
CVE-2010-1588
SQL injection vulnerability in the Getwebsess function in shopsessionsubs.asp in Rocksalt International VP-ASP Shopping Cart 6.50 and previous versions allows remote malicious users to execute arbitrary SQL commands via the websess parameter.
Vpasp Vp-asp Shopping CartVpasp Vp-asp Shopping Cart 6.00Vpasp Vp-asp Shopping Cart 5.50
NA
CVE-2010-1589
Directory traversal vulnerability in shopsessionsubs.asp in Rocksalt International VP-ASP Shopping Cart 6.50 and previous versions might allow remote malicious users to determine the existence of arbitrary files via directory traversal sequences in the client's DNS hostname ...
Vpasp Vp-asp Shopping CartVpasp Vp-asp Shopping Cart 6.00Vpasp Vp-asp Shopping Cart 5.50
NA
CVE-2010-1590
Cross-site scripting (XSS) vulnerability in shopsessionsubs.asp in Rocksalt International VP-ASP Shopping Cart 6.50 and previous versions might allow remote malicious users to inject arbitrary web script or HTML via the client's DNS hostname (aka the REMOTE_HOST variable), r...
Vpasp Vp-asp Shopping CartVpasp Vp-asp Shopping Cart 5.50Vpasp Vp-asp Shopping Cart 6.00
NA
CVE-2007-2790
Cross-site scripting (XSS) vulnerability in shopcontent.asp in VP-ASP Shopping Cart 6.50, and possibly earlier, allows remote malicious users to inject arbitrary web script or HTML via the type parameter.
Vp-asp Vp-asp Shopping Cart
NA
CVE-2008-5929
VP-ASP Shopping Cart 6.50 stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download the database containing the password via a direct request for database/shopping650.mdb. NOTE: some of these details are obta...
Vpasp Vp-asp Shopping Cart 6.50
NA
CVE-2008-0449
SQL injection vulnerability in paypalresult.asp in VP-ASP Shopping Cart 6.50 and previous versions allows remote malicious users to execute arbitrary SQL commands via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from th...
Rocksalt International Vp Asp 4.50Rocksalt International Vp Asp 5.00Rocksalt International Vp Asp 5.50Rocksalt International Vp Asp 6.00Rocksalt International Vp Asp 4.00Rocksalt International Vp Asp 6.50
NA
CVE-2004-2412
Multiple SQL injection vulnerabilities in VP-ASP Shopping Cart 4.0 up to and including 5.0 allow remote malicious users to execute arbitrary SQL commands via the catalogid parameter in (1) shopreviewlist.asp and (2) shopreviewadd.asp.
Virtual Programming Vp-asp 4.0Virtual Programming Vp-asp 4.50Virtual Programming Vp-asp 5.0
NA
CVE-2004-2413
SQL injection vulnerability in VP-ASP Shopping Cart 4.0 up to and including 5.0 allows remote malicious users to execute arbitrary SQL commands via the (1) Processed0 and (2) Processed1 parameters in a POST request to shopproductselect.asp.
Virtual Programming Vp-asp 4.0Virtual Programming Vp-asp 4.50Virtual Programming Vp-asp 5.0
NA
CVE-2004-2411
The CleanseMessage function in shop$db.asp for VP-ASP Shopping Cart 4.0 up to and including 5.0 does not sufficiently cleanse inputs, which allows remote malicious users to conduct cross-site scripting (XSS) attacks that do not use <script> tags, as demonstrated via javascr...
Virtual Programming Vp-asp 4.0Virtual Programming Vp-asp 4.50Virtual Programming Vp-asp 5.0
NA
CVE-2005-3685
Cross-site scripting (XSS) vulnerability in shopadmin.asp in VP-ASP Shopping Cart 5.50 allows remote malicious users to inject arbitrary web script or HTML via the UserName parameter.
Virtual Programming Vp-asp 5.50
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTICVE-2024-35863CVE-2024-35910man-in-the-middleCVE-2024-35912CVE-2024-25742LFICVE-2024-32002CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook