SQL Injection Vulnerabilities in VP-ASP Shopping Cart 4.0 through 5.0

SQL Injection Vulnerabilities in VP-ASP Shopping Cart 4.0 through 5.0

CVE-2004-2412 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Multiple SQL injection vulnerabilities in VP-ASP Shopping Cart 4.0 through 5.0 allow remote attackers to execute arbitrary SQL commands via the catalogid parameter in (1) shopreviewlist.asp and (2) shopreviewadd.asp.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.