CVE-2007-0224

Virtual Programming Vp-asp - SQL Injection

Title source: rule

Description

SQL injection vulnerability in shopgiftregsearch.asp in VP-ASP Shopping Cart 6.09 and earlier allows remote attackers to execute arbitrary SQL commands via the LoginLastname parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED
by ajann · textwebappsasp
https://www.exploit-db.com/exploits/3115

References (4)

Scores

EPSS 0.0157
EPSS Percentile 81.3%

Classification

Status draft

Affected Products (1)

virtual_programming/vp-asp

Timeline

Published Jan 13, 2007
Tracked Since Feb 18, 2026