CVE-2010-1590
Rocksalt International VP-ASP Shopping Cart <6.50 - XSS
Title source: llmDescription
Cross-site scripting (XSS) vulnerability in shopsessionsubs.asp in Rocksalt International VP-ASP Shopping Cart 6.50 and earlier might allow remote attackers to inject arbitrary web script or HTML via the client's DNS hostname (aka the REMOTE_HOST variable), related to the CookielessGenerateFilename and CookielessReadFile functions.
Scores
EPSS
0.0022
EPSS Percentile
45.0%
Classification
CWE
CWE-79
Status
published
Affected Products (4)
vpasp/vp-asp_shopping_cart
< 6.50
vpasp/vp-asp_shopping_cart
vpasp/vp-asp_shopping_cart
n/a/n/a
Timeline
Published
Apr 28, 2010
Tracked Since
Feb 18, 2026