Required CVE Record Information
Description
SQL injection vulnerability in the Getwebsess function in shopsessionsubs.asp in Rocksalt International VP-ASP Shopping Cart 6.50 and earlier allows remote attackers to execute arbitrary SQL commands via the websess parameter.
References 4 Total
- exchange.xforce.ibmcloud.com: shoppingcart-websess-sql-injection(55821) vdb-entry
- osvdb.org: 61890 vdb-entry
- archives.neohapsis.com: 20100120 Insufficient User Input Validation in VP-ASP 6.50 Demo Code mailing-list
- secunia.com: 38283 third-party-advisory
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 4 Total
- exchange.xforce.ibmcloud.com: shoppingcart-websess-sql-injection(55821) vdb-entryx_transferred
- osvdb.org: 61890 vdb-entryx_transferred
- archives.neohapsis.com: 20100120 Insufficient User Input Validation in VP-ASP 6.50 Demo Code mailing-listx_transferred
- secunia.com: 38283 third-party-advisoryx_transferred