Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
SQL injection vulnerability in shopgiftregsearch.asp in VP-ASP Shopping Cart 6.09 and earlier allows remote attackers to execute arbitrary SQL commands via the LoginLastname parameter.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Virtual Programming VP-ASP多个跨站脚本及SQL注入漏洞
Vulnerability Description
Virtual Programming VP-ASP是一款商业性质的电子购物应用系统,由ASP脚本编写。 Virtual Programming VP-ASP的处理用户请求时存在输入验证漏洞,远程攻击者可以利用这个漏洞获得敏感信息或非授权操作数据库。 VP-ASP的shopgiftregsearch.asp和shopcustadmin.asp脚本没有对用户提交的LoginLastname和msg参数数据做充分的检查过滤,攻击者可以通过插入特定的SQL语名或脚本代码,可能获得其他用户浏览器相关的敏感信息,也
CVSS Information
N/A
Vulnerability Type
N/A