CVE-2008-1341 Information

Description

SQL injection vulnerability in SearchResults.aspx in LaGarde StoreFront 6 before SP8 allows remote attackers to execute arbitrary SQL commands via the CategoryId parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Reference

http://secunia.com/advisories/29326 http://support.storefront.net/Updates/60sp8/default.asp http://www.securityfocus.com/bid/28234