Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vp-asp vp-asp shopping cart vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2010-1588
SQL injection vulnerability in the Getwebsess function in shopsessionsubs.asp in Rocksalt International VP-ASP Shopping Cart 6.50 and previous versions allows remote malicious users to execute arbitrary SQL commands via the websess parameter.
Vpasp Vp-asp Shopping Cart
Vpasp Vp-asp Shopping Cart 6.00
Vpasp Vp-asp Shopping Cart 5.50
NA
CVE-2010-1589
Directory traversal vulnerability in shopsessionsubs.asp in Rocksalt International VP-ASP Shopping Cart 6.50 and previous versions might allow remote malicious users to determine the existence of arbitrary files via directory traversal sequences in the client's DNS hostname ...
Vpasp Vp-asp Shopping Cart
Vpasp Vp-asp Shopping Cart 6.00
Vpasp Vp-asp Shopping Cart 5.50
NA
CVE-2010-1590
Cross-site scripting (XSS) vulnerability in shopsessionsubs.asp in Rocksalt International VP-ASP Shopping Cart 6.50 and previous versions might allow remote malicious users to inject arbitrary web script or HTML via the client's DNS hostname (aka the REMOTE_HOST variable), r...
Vpasp Vp-asp Shopping Cart
Vpasp Vp-asp Shopping Cart 5.50
Vpasp Vp-asp Shopping Cart 6.00
NA
CVE-2007-2790
Cross-site scripting (XSS) vulnerability in shopcontent.asp in VP-ASP Shopping Cart 6.50, and possibly earlier, allows remote malicious users to inject arbitrary web script or HTML via the type parameter.
Vp-asp Vp-asp Shopping Cart
NA
CVE-2008-5929
VP-ASP Shopping Cart 6.50 stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download the database containing the password via a direct request for database/shopping650.mdb. NOTE: some of these details are obta...
Vpasp Vp-asp Shopping Cart 6.50
1 EDB exploit
NA
CVE-2008-0449
SQL injection vulnerability in paypalresult.asp in VP-ASP Shopping Cart 6.50 and previous versions allows remote malicious users to execute arbitrary SQL commands via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from th...
Rocksalt International Vp Asp 4.50
Rocksalt International Vp Asp 5.00
Rocksalt International Vp Asp 5.50
Rocksalt International Vp Asp 6.00
Rocksalt International Vp Asp 4.00
Rocksalt International Vp Asp 6.50
NA
CVE-2004-2412
Multiple SQL injection vulnerabilities in VP-ASP Shopping Cart 4.0 up to and including 5.0 allow remote malicious users to execute arbitrary SQL commands via the catalogid parameter in (1) shopreviewlist.asp and (2) shopreviewadd.asp.
Virtual Programming Vp-asp 4.0
Virtual Programming Vp-asp 4.50
Virtual Programming Vp-asp 5.0
NA
CVE-2004-2413
SQL injection vulnerability in VP-ASP Shopping Cart 4.0 up to and including 5.0 allows remote malicious users to execute arbitrary SQL commands via the (1) Processed0 and (2) Processed1 parameters in a POST request to shopproductselect.asp.
Virtual Programming Vp-asp 4.0
Virtual Programming Vp-asp 4.50
Virtual Programming Vp-asp 5.0
1 EDB exploit
NA
CVE-2004-2411
The CleanseMessage function in shop$db.asp for VP-ASP Shopping Cart 4.0 up to and including 5.0 does not sufficiently cleanse inputs, which allows remote malicious users to conduct cross-site scripting (XSS) attacks that do not use <script> tags, as demonstrated via javascr...
Virtual Programming Vp-asp 4.0
Virtual Programming Vp-asp 4.50
Virtual Programming Vp-asp 5.0
1 EDB exploit
NA
CVE-2005-3685
Cross-site scripting (XSS) vulnerability in shopadmin.asp in VP-ASP Shopping Cart 5.50 allows remote malicious users to inject arbitrary web script or HTML via the UserName parameter.
Virtual Programming Vp-asp 5.50
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »