Description
The CleanseMessage function in shop$db.asp for VP-ASP Shopping Cart 4.0 through 5.0 does not sufficiently cleanse inputs, which allows remote attackers to conduct cross-site scripting (XSS) attacks that do not use <script> tags, as demonstrated via javascript in IMG tags to (1) the cat parameter in shopdisplayproducts.asp or (2) the msg parameter in shoperror.asp, and possibly other vectors.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Thomas Ryan · textwebappsasp
https://www.exploit-db.com/exploits/24198
References (8)
Core 8
Core References
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/11846
Exploit, Patch, Vendor Advisory x_refsource_misc
http://www.providesecurity.com/research/advisories/06142004-01.asp
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://www.osvdb.org/6949
Patch vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/10530
Exploit, Patch vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/10534
Patch x_refsource_confirm
http://www.vpasp.com/virtprog/info/faq_securityfixes.htm
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/16411
Exploit, Patch, Vendor Advisory mailing-list
x_refsource_fulldisc
http://archives.neohapsis.com/archives/fulldisclosure/2004-06/0363.html
Scores
EPSS
0.0118
EPSS Percentile
78.8%
Details
Status
published
Products (3)
virtual_programming/vp-asp
4.0
virtual_programming/vp-asp
4.50
virtual_programming/vp-asp
5.0
Published
Dec 31, 2004
Tracked Since
Feb 18, 2026