Vulnerabilities > CVE-2004-2413 - Unspecified vulnerability in Virtual Programming Vp-Asp 4.0/4.50/5.0
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN virtual-programming
exploit available
Summary
SQL injection vulnerability in VP-ASP Shopping Cart 4.0 through 5.0 allows remote attackers to execute arbitrary SQL commands via the (1) Processed0 and (2) Processed1 parameters in a POST request to shopproductselect.asp.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 3 |
Exploit-Db
| description | Invision Power Board 1.3 SSI.PHP Cross-Site Scripting Vulnerability. CVE-2004-2413 . Webapps exploit for php platform |
| id | EDB-ID:24199 |
| last seen | 2016-02-02 |
| modified | 2004-06-14 |
| published | 2004-06-14 |
| reporter | IMAN Sharafoddin |
| source | https://www.exploit-db.com/download/24199/ |
| title | Invision Power Board 1.3 SSI.PHP Cross-Site Scripting Vulnerability |
References
- http://archives.neohapsis.com/archives/fulldisclosure/2004-06/0363.html
- http://archives.neohapsis.com/archives/fulldisclosure/2004-06/0363.html
- http://www.securityfocus.com/bid/10536
- http://www.securityfocus.com/bid/10536
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16400
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16400