CVE Vulnerabilities

CVE-2004-2412

Published: Dec 31, 2004 | Modified: Jul 11, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

Multiple SQL injection vulnerabilities in VP-ASP Shopping Cart 4.0 through 5.0 allow remote attackers to execute arbitrary SQL commands via the catalogid parameter in (1) shopreviewlist.asp and (2) shopreviewadd.asp.

Affected Software

Name Vendor Start Version End Version
Vp-asp Virtual_programming 4.0 4.0
Vp-asp Virtual_programming 4.50 4.50
Vp-asp Virtual_programming 5.0 5.0

References