Virtual Programming VP-ASP 4.00/5.00 - 'shopdisplayproducts.asp' SQL Injection

source: https://www.securityfocus.com/bid/9134/info It has been reported that VP-ASP may be prone to a SQL injection vulnerability that may allow an attacker to disclose sensitive information by supplying malicious SQL code to the underlying database. The problem exists in the...

Virtual Programming VP-ASP 5.00 - 'shopexd.asp' SQL Injection (1)

source: https://www.securityfocus.com/bid/8159/info It has been reported that VP-ASP does not sufficiently sanitize user input passed to the shopexd.asp script contained in the software. As a result, it may be possible for remote attackers to embed SQL commands which are to be passed to the...

VP-ASP shopexd.asp catalogid Parameter SQL Injection

The remote host is using the VP-ASP software suite. This set of CGIs is vulnerable to a SQL injection bug which may allow an attacker to take the control of the server as an administrator. From there, he can obtain the list of customers, steal their credit card information and more. In addition t...

VP-ASP shopping cart software.

NOTE: Please Just ignore the tags, there just notes ect. to make a .txt document a little more readable, or not. short Several security issues in the VP-ASP shopping cart software dotPath Information Disclosure Vulnerability. dotInsecure perrmissions on configuration file. /short synopsis -Defaul...