cpe:/a:lagarde:storefront:6.0 CVE-2008-1341 2008-03-17T12:44:00.000-04:00 2008-09-05T17:37:29.267-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2008-03-18T09:26:00.000-04:00 ALLOWS_OTHER_ACCESS BID 28234 SECUNIA 29326 SQL injection vulnerability in SearchResults.aspx in LaGarde StoreFront 6 before SP8 allows remote attackers to execute arbitrary SQL commands via the CategoryId parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.