COMMAND

    VirtualCart Shopping Cart

SYSTEMS AFFECTED

    VirtualCart Shopping Cart (All versions appear to be effected)

PROBLEM

    Following is based on a cgisecurity.com Advisory #5.  The  problem
    lies in a file called  CatalogMgr.pl.  There is a security problem
    in CatalogMgr.pl but it is part of the VirtualCatalog.

SOLUTION

    Check the  vendor webpage  for futher  updates or  use the  vendor
    patch provided  above towards  the top  of this  advisory.  Vendor
    patch:

        http://www.cgisecurity.net/advisory/patch/VirtualCatalog.tar.gz