CSRF in Opensolution Quick.cart
CVE-2009-4120
Multiple cross-site request forgery (CSRF) vulnerabilities in Quick.Cart 3.4 allow remote attackers to hijack the authentication of the administrator for requests that (1) delete orders via an orders-delete action to admin.php, and possibl…
Vulnerability class: CSRF (Cross-Site Request Forgery)
EPSS: 0.010 (58.4th percentile) — read the EPSS interpretation.
Affected products
- Opensolution Quick.cart — versions 3.4
- N/a — versions n/a
Weakness classification (CWE)
References
- cve@mitre.org (mailing-list, Exploit, x_refsource_FULLDISC)
- cve@mitre.org (vdb-entry, x_refsource_XF)
- cve@mitre.org (Exploit, vdb-entry, x_refsource_BID)