VP-ASP
by Vpasp
CVEs (2)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2004-2164 | 0.00 | — | 0.02 | Dec 31, 2004 | shoprestoreorder.asp in VP-ASP 5.0 does not close the database connection when a user restores a previous order, which allows remote attackers to cause a denial of service (connection consumption). | |||
| CVE-2002-1919 | 0.00 | — | 0.02 | Dec 31, 2002 | SQL injection vulnerability in shopadmin.asp in VP-ASP 4.0 allows remote attackers to execute arbitrary SQL commands and bypass authentication via the (1) username or (2) password fields. |
- CVE-2004-2164Dec 31, 2004risk 0.00cvss —epss 0.02
shoprestoreorder.asp in VP-ASP 5.0 does not close the database connection when a user restores a previous order, which allows remote attackers to cause a denial of service (connection consumption).
- CVE-2002-1919Dec 31, 2002risk 0.00cvss —epss 0.02
SQL injection vulnerability in shopadmin.asp in VP-ASP 4.0 allows remote attackers to execute arbitrary SQL commands and bypass authentication via the (1) username or (2) password fields.