Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
virtual programming vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2004-2413
SQL injection vulnerability in VP-ASP Shopping Cart 4.0 up to and including 5.0 allows remote malicious users to execute arbitrary SQL commands via the (1) Processed0 and (2) Processed1 parameters in a POST request to shopproductselect.asp.
Virtual Programming Vp-asp 4.0
Virtual Programming Vp-asp 5.0
Virtual Programming Vp-asp 4.50
1 EDB exploit
4.3
CVSSv2
CVE-2004-2411
The CleanseMessage function in shop$db.asp for VP-ASP Shopping Cart 4.0 up to and including 5.0 does not sufficiently cleanse inputs, which allows remote malicious users to conduct cross-site scripting (XSS) attacks that do not use <script> tags, as demonstrated via javascr...
Virtual Programming Vp-asp 4.0
Virtual Programming Vp-asp 5.0
Virtual Programming Vp-asp 4.50
1 EDB exploit
7.5
CVSSv2
CVE-2004-2412
Multiple SQL injection vulnerabilities in VP-ASP Shopping Cart 4.0 up to and including 5.0 allow remote malicious users to execute arbitrary SQL commands via the catalogid parameter in (1) shopreviewlist.asp and (2) shopreviewadd.asp.
Virtual Programming Vp-asp 4.0
Virtual Programming Vp-asp 5.0
Virtual Programming Vp-asp 4.50
7.5
CVSSv2
CVE-2007-0224
SQL injection vulnerability in shopgiftregsearch.asp in VP-ASP Shopping Cart 6.09 and previous versions allows remote malicious users to execute arbitrary SQL commands via the LoginLastname parameter.
Virtual Programming Vp-asp 6.09
1 EDB exploit
7.5
CVSSv2
CVE-2006-2263
SQL injection vulnerability in shopcurrency.asp in VP-ASP 6.00 allows remote malicious users to execute arbitrary SQL commands via the cid parameter.
Virtual Programming Vp-asp 6.00
1 EDB exploit
4.3
CVSSv2
CVE-2005-3685
Cross-site scripting (XSS) vulnerability in shopadmin.asp in VP-ASP Shopping Cart 5.50 allows remote malicious users to inject arbitrary web script or HTML via the UserName parameter.
Virtual Programming Vp-asp 5.50
1 EDB exploit
5
CVSSv2
CVE-2004-2164
shoprestoreorder.asp in VP-ASP 5.0 does not close the database connection when a user restores a previous order, which allows remote malicious users to cause a denial of service (connection consumption).
Virtual Programming Vp-asp 5.0
7.5
CVSSv2
CVE-2002-1919
SQL injection vulnerability in shopadmin.asp in VP-ASP 4.0 allows remote malicious users to execute arbitrary SQL commands and bypass authentication via the (1) username or (2) password fields.
Virtual Programming Vp-asp 4.0
10
CVSSv2
CVE-2003-0560
SQL injection vulnerability in shopexd.asp for VP-ASP allows remote malicious users to gain administrator privileges via the id parameter.
Virtual Programming Vp-asp 5.0
2 EDB exploits
6.8
CVSSv2
CVE-2007-0225
Cross-site scripting (XSS) vulnerability in shopcustadmin.asp in VP-ASP Shopping Cart 6.09 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the msg parameter.
Virtual Programming Vp-asp 6.09
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2018-25103
CVE-2024-36279
CVE-2024-38457
elevation of privilege
CVE-2024-27801
CVE-2024-30103
NULL pointer dereference
CVE-2024-6057
XML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »