|
Family: CGI abuses --> Category: attack
VP-ASP SQL Injection (2) Vulnerability Scan
Vulnerability Scan Summary Performs a SQL injection against the remote shopping cart
Detailed Explanation for this Vulnerability Test
The remote host is using the VP-ASP, a shopping cart program written in ASP.
The remote version of this software is vulnerable to three SQL injection
vulnerabilities in the files shopaddtocart.asp, shopaddtocartnodb.asp and
shopproductselect.asp.
A possible hacker may exploit these flaws to execute arbitrary SQL statements against
the remote database
Solution : See http://www.vpasp.com/virtprog/info/faq_securityfixes.htm
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|