Vulnerability   
Search   
    Search 210752 CVE descriptions
and 93608 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.11786
Category:CGI abuses
Title:VP-ASP SQL Injection
Summary:NOSUMMARY
Description:Description:

The remote host is using the VP-ASP software suite.

This set of CGIs is vulnerable to a SQL injection bug which may allow
an attacker to take the control of the server as an administrator.
From there, he can obtain the list of customers, steal their credit
card information and more.

In addition to this, this software is vulnerable to various
file disclosure and cross site scripting flaws.

Solution : Upgrade to the latest version of VP-ASP
Risk factor : High

Cross-Ref: BugTraq ID: 4861
Common Vulnerability Exposure (CVE) ID: CVE-2002-1919
http://www.securityfocus.com/bid/4861
Bugtraq: 20020610 Re: VP-ASP shopping cart software. (Google Search)
http://archives.neohapsis.com/archives/bugtraq/2002-05/0233.html
http://archives.neohapsis.com/archives/bugtraq/2002-06/0061.html
CopyrightThis script is Copyright (C) 2003 Tenable Network Security

This is only one of 93608 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2021 E-Soft Inc. All rights reserved.