CVE-2007-0225

Properties

Published:
11.01.2007
Updated:
20.10.2017
Patch available:
Severity:
Medium
CVSS vector:
(AV:N/AC:M/Au:N/C:P/I:P/A:P)
Product:
virtual_programming: vp-asp

Vulnerability description

Cross-site scripting (XSS) vulnerability in shopcustadmin.asp in VP-ASP Shopping Cart 6.09 and earlier allows remote attackers to inject arbitrary web script or HTML via the msg parameter.

References:

XF: https://exchange.xforce.ibmcloud.com/vulnerabilities/31449
EXPLOIT-DB: https://www.exploit-db.com/exploits/3115