VP-ASP Shopping Cart Multiple Vulnerabilities Release Date: June 14, 2004 Severity: High Vendor: Virtual Programming Software: VP-ASP Shopping Cart Version 5.x Remote: Remotely executable Vulnerabilities: Cross Site Scripting SQL Injection Technical Details: Cross Site Scripting Vulnerability was originally found Dec 05, 2003. http://archives.neohapsis.com/archives/bugtraq/2003-12/0080.html Vendor Fix for this was to write a subroutine that validated for