CVE-2010-1588 Information

Description

SQL injection vulnerability in the Getwebsess function in shopsessionsubs.asp in Rocksalt International VP-ASP Shopping Cart 6.50 and earlier allows remote attackers to execute arbitrary SQL commands via the websess parameter.

Reference

http://archives.neohapsis.com/archives/fulldisclosure/2010-01/0400.html http://osvdb.org/61890 http://secunia.com/advisories/38283 https://exchange.xforce.ibmcloud.com/vulnerabilities/55821