Vulnerabilities > CVE-2003-0557 - Unspecified vulnerability in Lagarde Storefront

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
lagarde
exploit available

Summary

SQL injection vulnerability in login.asp for StoreFront 6.0, and possibly earlier versions, allows remote attackers to obtain sensitive user information via SQL statements in the password field. This issue was addressed in a hot fix for StoreFront 6.1 in late January 2004.

Vulnerable Configurations

Part Description Count
Application
Lagarde
1

Exploit-Db

descriptionLaGarde StoreFront 5.0 Shopping Cart LOGIN.ASP SQL Injection Vulnerability. CVE-2003-0557. Webapps exploit for asp platform
idEDB-ID:25847
last seen2016-02-03
modified2003-12-07
published2003-12-07
reporterG00db0y
sourcehttps://www.exploit-db.com/download/25847/
titleLaGarde StoreFront 5.0 Shopping Cart LOGIN.ASP SQL Injection Vulnerability