Vulnerabilities > CVE-2003-0557 - Unspecified vulnerability in Lagarde Storefront
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
SQL injection vulnerability in login.asp for StoreFront 6.0, and possibly earlier versions, allows remote attackers to obtain sensitive user information via SQL statements in the password field. This issue was addressed in a hot fix for StoreFront 6.1 in late January 2004.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description | LaGarde StoreFront 5.0 Shopping Cart LOGIN.ASP SQL Injection Vulnerability. CVE-2003-0557. Webapps exploit for asp platform |
id | EDB-ID:25847 |
last seen | 2016-02-03 |
modified | 2003-12-07 |
published | 2003-12-07 |
reporter | G00db0y |
source | https://www.exploit-db.com/download/25847/ |
title | LaGarde StoreFront 5.0 Shopping Cart LOGIN.ASP SQL Injection Vulnerability |