Описание
SQL injection vulnerability in VP-ASP Shopping Cart 4.0 through 5.0 allows remote attackers to execute arbitrary SQL commands via the (1) Processed0 and (2) Processed1 parameters in a POST request to shopproductselect.asp.
Ссылки
- ExploitPatchVendor Advisory
- ExploitPatch
- ExploitPatchVendor Advisory
- ExploitPatch
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:virtual_programming:vp-asp:4.0:*:*:*:*:*:*:*
cpe:2.3:a:virtual_programming:vp-asp:4.50:*:*:*:*:*:*:*
cpe:2.3:a:virtual_programming:vp-asp:5.0:*:*:*:*:*:*:*
EPSS
Процентиль: 75%
0.00876
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
SQL injection vulnerability in VP-ASP Shopping Cart 4.0 through 5.0 allows remote attackers to execute arbitrary SQL commands via the (1) Processed0 and (2) Processed1 parameters in a POST request to shopproductselect.asp.
EPSS
Процентиль: 75%
0.00876
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other