VULHUB ™

It is reported that the VP-ASP Shopping Cart is prone to a remote SQL injection vulnerability. This issue is due to a failure of the application to properly sanitize user input before using it in an SQL query. The problem presents itself when a malevolent user supplies SQL syntax to the application via the 'shopproductselect.asp' script. VP-ASP versions 5.0 and prior may be prone to this issue. It is possible that a vendor-supplied fix addresses this issue, however, this has not been confirmed at the moment.

It is reported that the VP-ASP Shopping Cart is prone to a remote SQL injection vulnerability. This issue is due to a failure of the application to properly sanitize user input before using it in an SQL query. The problem presents itself when a malevolent user supplies SQL syntax to the application via the 'shopproductselect.asp' script. VP-ASP versions 5.0 and prior may be prone to this issue. It is possible that a vendor-supplied fix addresses this issue, however, this has not been confirmed at the moment.