Cross-site request forgery (CSRF) vulnerability in cart_save.php in ViArt Shop (aka Shopping Cart) 3.5 allows remote malicious users to hijack the authentication of arbitrary users for requests that conduct persistent cross-site scripting (XSS) attacks via the cart_name parameter in a save action.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
viart viart shop 3.5 |