Web Merchant Services Storefront Shopping Cart login.asp SQL Injection Vulnerability

Web Merchant Services Storefront Shopping Cart login.asp SQL Injection Vulnerability

It has been reported that Storefront shopping cart may be vulnerable to a SQL injection vulnerability that may allow a remote user to inject malicious SQL syntax into database queries. The problem is reported to exist due to insufficient sanitization of user-supplied data in the 'login.asp' script.

Specific vulnerable versions were not identified in the report, therefore it is being assumed that the current version Storefront shopping cart 5.0 is vulnerable to this issue.