LaGarde StoreFront 5.0 Shopping Cart - 'login.asp' SQL Injection

EDB-ID:

25847


Author:

G00db0y

Type:

webapps


Platform:

ASP

Date:

2003-12-07


source: https://www.securityfocus.com/bid/13998/info

StoreFront Shopping Cart is affected by an SQL injection vulnerability. The vulnerability affects the 'login.asp' script.

Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation.

StoreFront Shopping Cart 5.0 is affected by this vulnerability.

The following proof of concept example is available:
Email id: example@example.com
Password: ' or '='