CVE-2004-2412

2005-08-1804:00:00

mitre

www.cve.org

AI Score

8.5

Confidence

Low

EPSS

0.002

Percentile

58.6%

JSON

Multiple SQL injection vulnerabilities in VP-ASP Shopping Cart 4.0 through 5.0 allow remote attackers to execute arbitrary SQL commands via the catalogid parameter in (1) shopreviewlist.asp and (2) shopreviewadd.asp.

References

secunia.com/advisories/11201

www.securityfocus.com/bid/9967

www.vpasp.com/virtprog/info/faq_securityfixes.htm

exchange.xforce.ibmcloud.com/vulnerabilities/15588