Lagarde Storefront vulnerabilities
2 known vulnerabilities affecting lagarde/storefront.
Total CVEs
2
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
HIGH2
Vulnerabilities
Page 1 of 1
CVE-2003-0557P4HIGHCVSS 7.5PoC≤ 6.02003-08-18
CVE-2003-0557 [HIGH] CVE-2003-0557: SQL injection vulnerability in login.asp for StoreFront 6.0, and possibly earlier versions, allows r
SQL injection vulnerability in login.asp for StoreFront 6.0, and possibly earlier versions, allows remote attackers to obtain sensitive user information via SQL statements in the password field.
nvd
CVE-2008-1341P3HIGHCVSS 7.5v6.02008-03-17
CVE-2008-1341 [HIGH] CWE-89 CVE-2008-1341: SQL injection vulnerability in SearchResults.aspx in LaGarde StoreFront 6 before SP8 allows remote a
SQL injection vulnerability in SearchResults.aspx in LaGarde StoreFront 6 before SP8 allows remote attackers to execute arbitrary SQL commands via the CategoryId parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
nvd