Vulnerabilities > Virtual Programming > VP ASP > 6.09
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-01-13 | CVE-2007-0225 | Cross-Site Scripting vulnerability in Virtual Programming Vp-Asp 6.09 Cross-site scripting (XSS) vulnerability in shopcustadmin.asp in VP-ASP Shopping Cart 6.09 and earlier allows remote attackers to inject arbitrary web script or HTML via the msg parameter. network virtual-programming | 6.8 |
2007-01-13 | CVE-2007-0224 | SQL-Injection vulnerability in Virtual Programming Vp-Asp 6.09 SQL injection vulnerability in shopgiftregsearch.asp in VP-ASP Shopping Cart 6.09 and earlier allows remote attackers to execute arbitrary SQL commands via the LoginLastname parameter. | 7.5 |