Description
SQL injection vulnerability in login.asp for StoreFront 6.0, and possibly earlier versions, allows remote attackers to obtain sensitive user information via SQL statements in the password field.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by G00db0y · textwebappsasp
https://www.exploit-db.com/exploits/25847
References (1)
Core 1
Core References
Mailing List mailing-list
x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=105804683203384&w=2
Scores
EPSS
0.0101
EPSS Percentile
77.2%
Details
Status
published
Products (1)
lagarde/storefront
< 6.0
Published
Aug 18, 2003
Tracked Since
Feb 18, 2026