Multiple SQL injection vulnerabilities in VP-ASP Shopping Cart 4.0 up to and including 5.0 allow remote malicious users to execute arbitrary SQL commands via the catalogid parameter in (1) shopreviewlist.asp and (2) shopreviewadd.asp.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
virtual programming vp-asp 4.0 |
||
virtual programming vp-asp 4.50 |
||
virtual programming vp-asp 5.0 |