source: https://www.securityfocus.com/bid/9164/info
A vulnerability has been reported to exist in VP-ASP software that may allow a remote user to launch cross-site scripting attacks. A remote attacker may exploit this issue to potentially execute HTML or script code in the security context of the vulnerable site.
http://www.example.com/shopping/shopdisplayproducts.asp?id=1&cat=[XSS Code]
http://www.example.com/shopping/shopdisplayproducts.asp?id=1&cat=
http://www.example.com/vpasp/shopdisplayproducts.asp?id=5&cat=
http://www.example.com/vpasp/shopdisplayproducts.asp?id=5&cat=
http://www.example.com/vpasp/shopdisplayproducts.asp?id=5&cat=