Virtual Programming : Security Vulnerabilities, CVEs, Published In 2007
Cross-site scripting (XSS) vulnerability in shopcustadmin.asp in VP-ASP Shopping Cart 6.09 and earlier allows remote attackers to inject arbitrary web script or HTML via the msg parameter.
Max CVSS
6.8
EPSS Score
0.50%
Published
2007-01-13
Updated
2017-10-19
SQL injection vulnerability in shopgiftregsearch.asp in VP-ASP Shopping Cart 6.09 and earlier allows remote attackers to execute arbitrary SQL commands via the LoginLastname parameter.
Max CVSS
7.5
EPSS Score
0.31%
Published
2007-01-13
Updated
2017-10-19
2 vulnerabilities found