VULHUB ™

Virtual Programming VP-ASP is a shopping cart application for e-commerce enabled sites. A SQL injection vulnerability has been reported in some versions of Virtual Programming VP-ASP. User supplied input is not sanitized before being used in a SQL query. Consequently, query modification using malformed input is possible. It has been reported that exploitation of this vulnerability may allow for authentication to be bypassed.

Virtual Programming VP-ASP is a shopping cart application for e-commerce enabled sites. A SQL injection vulnerability has been reported in some versions of Virtual Programming VP-ASP. User supplied input is not sanitized before being used in a SQL query. Consequently, query modification using malformed input is possible. It has been reported that exploitation of this vulnerability may allow for authentication to be bypassed.