SQL injection vulnerability in VP-ASP Shopping Cart 4.0 through 5.0 allows remote attackers to execute arbitrary SQL commands via the (1) Processed0 and (2) Processed1 parameters in a POST request to shopproductselect.asp.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Vp-asp | Virtual_programming | 4.0 (including) | 4.0 (including) |
Vp-asp | Virtual_programming | 4.50 (including) | 4.50 (including) |
Vp-asp | Virtual_programming | 5.0 (including) | 5.0 (including) |