Virtual Programming Vp-asp — known CVE vulnerabilities
Every CVE whose affected-product data names Virtual Programming Vp-asp, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (10)
CVE-2003-0560 — CVSS 10.0 (critical): SQL injection vulnerability in shopexd.asp for VP-ASP allows remote attackers to gain administrator privileges via the id parameter.
CVE-2002-1919 — CVSS 7.5 (high): SQL injection vulnerability in shopadmin.asp in VP-ASP 4.0 allows remote attackers to execute arbitrary SQL commands and bypass…
CVE-2004-2412 — CVSS 7.5 (high): Multiple SQL injection vulnerabilities in VP-ASP Shopping Cart 4.0 through 5.0 allow remote attackers to execute arbitrary SQL commands via…
CVE-2004-2413 — CVSS 7.5 (high): SQL injection vulnerability in VP-ASP Shopping Cart 4.0 through 5.0 allows remote attackers to execute arbitrary SQL commands via the (1)…
CVE-2006-2263 — CVSS 7.5 (high): SQL injection vulnerability in shopcurrency.asp in VP-ASP 6.00 allows remote attackers to execute arbitrary SQL commands via the cid…
CVE-2007-0224 — CVSS 7.5 (high): SQL injection vulnerability in shopgiftregsearch.asp in VP-ASP Shopping Cart 6.09 and earlier allows remote attackers to execute arbitrary…
CVE-2007-0225 — CVSS 6.8 (medium): Cross-site scripting (XSS) vulnerability in shopcustadmin.asp in VP-ASP Shopping Cart 6.09 and earlier allows remote attackers to inject…
CVE-2004-2164 — CVSS 5.0 (medium): shoprestoreorder.asp in VP-ASP 5.0 does not close the database connection when a user restores a previous order, which allows remote…
CVE-2004-2411 — CVSS 4.3 (medium): The CleanseMessage function in shop$db.asp for VP-ASP Shopping Cart 4.0 through 5.0 does not sufficiently cleanse inputs, which allows…
CVE-2005-3685 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in shopadmin.asp in VP-ASP Shopping Cart 5.50 allows remote attackers to inject arbitrary web…