CVE-2004-2413
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
31/12/2004
Last modified:
11/07/2017
Description
SQL injection vulnerability in VP-ASP Shopping Cart 4.0 through 5.0 allows remote attackers to execute arbitrary SQL commands via the (1) Processed0 and (2) Processed1 parameters in a POST request to shopproductselect.asp.
Impact
Base Score 2.0
7.50
Severity 2.0
HIGH
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:a:virtual_programming:vp-asp:4.0:*:*:*:*:*:*:* | ||
cpe:2.3:a:virtual_programming:vp-asp:4.50:*:*:*:*:*:*:* | ||
cpe:2.3:a:virtual_programming:vp-asp:5.0:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page