CVE-2007-0225

Name of the Vulnerable Software and Affected Versions VP-ASP Shopping Cart versions 6.09 and earlier

Description A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via the msg parameter in the "shopcustadmin.asp" file. This could potentially lead to unauthorized actions on the affected web application.

Recommendations For VP-ASP Shopping Cart versions 6.09 and earlier, update to a version later than 6.09 to resolve the issue. As a temporary workaround, consider restricting access to the shopcustadmin.asp file or avoiding the use of the msg parameter until a patch is available.