Multiple cross-site request forgery (CSRF) vulnerabilities in admin/configure.php in DFD Cart 1.198, 1.197, and previous versions allow remote malicious users to hijack the authentication of administrators for requests that (1) conduct cross-site scripting (XSS) attacks or (2) change unspecified settings.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
dragonfrugal dfd cart 1.1.8 |
||
dragonfrugal dfd cart 1.193 |
||
dragonfrugal dfd cart |
||
dragonfrugal dfd cart 1.1.4 |
||
dragonfrugal dfd cart 1.1.5 |
||
dragonfrugal dfd cart 1.1.6 |
||
dragonfrugal dfd cart 1.1.7 |
||
dragonfrugal dfd cart 1.192 |
||
dragonfrugal dfd cart 1.194 |
||
dragonfrugal dfd cart 1.195 |
||
dragonfrugal dfd cart 1.196 |
||
dragonfrugal dfd cart 1.197 |