LaGarde StoreFront 5.0 Shopping Cart - 'login.asp' SQL Injection

EDB-ID:

25847

Author:

G00db0y

Type:

webapps

Platform:

ASP

Published:

2003-12-07

source: https://www.securityfocus.com/bid/13998/info

StoreFront Shopping Cart is affected by an SQL injection vulnerability. The vulnerability affects the 'login.asp' script.

Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation.

StoreFront Shopping Cart 5.0 is affected by this vulnerability.

The following proof of concept example is available:
Email id: example@example.com
Password: ' or '='