Please apply below fix, if you are using VPASP 7 with build date older than 3/September/2010, to avoild XSS attack register an affiliate page (shopaffregister.asp).
Modify shopaffregister.asp
1a. Open shopaffregister.asp
1b. Locate line affstrTypeofpayment = CleanChars(Request.Form("affstrTypeofpayment")) (estimate line 144, within routine sub ValidateData)
1c. Below the above code, please add:
1d. Save