VP.ASP.Shopping.Cart.Shopcurrency.ASP.SQL.Injection

description-logoDescription

A SQL injection vulnerability in shopcurrency.asp in VP-ASP 6.00 allows remote attackers to execute arbitrary SQL commands via the cid parameter.

affected-products-logoAffected Products

VP-ASP Shopping Cart versions prior to 6.08.

Impact logoImpact

Execute arbitrary SQL commands.

recomended-action-logoRecommended Actions

Upgrade to VP-ASP Shopping Cart version 6.08:
http://www.vpasp.com/helpnotes/shopexd.asp?id=814

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2018-09-27 13.459