Описание
Multiple SQL injection vulnerabilities in VP-ASP Shopping Cart 4.0 through 5.0 allow remote attackers to execute arbitrary SQL commands via the catalogid parameter in (1) shopreviewlist.asp and (2) shopreviewadd.asp.
Ссылки
- PatchVendor Advisory
- Patch
- Patch
- PatchVendor Advisory
- Patch
- Patch
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:virtual_programming:vp-asp:4.0:*:*:*:*:*:*:*
cpe:2.3:a:virtual_programming:vp-asp:4.50:*:*:*:*:*:*:*
cpe:2.3:a:virtual_programming:vp-asp:5.0:*:*:*:*:*:*:*
EPSS
Процентиль: 65%
0.00502
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
Multiple SQL injection vulnerabilities in VP-ASP Shopping Cart 4.0 through 5.0 allow remote attackers to execute arbitrary SQL commands via the catalogid parameter in (1) shopreviewlist.asp and (2) shopreviewadd.asp.
EPSS
Процентиль: 65%
0.00502
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other