CVE-2008-6758 (viart_shop) [Sitemap] - HeapOverflow Computer Security Community & Forums : Heap Overflow.com
PDA

View Full Version : CVE-2008-6758 (viart_shop)

Heap
29-04-09, 02:54
Cross-site request forgery (CSRF) vulnerability in cart_save.php in ViArt Shop (aka Shopping Cart) 3.5 allows remote attackers to hijack the authentication of arbitrary users for requests that conduct persistent cross-site scripting (XSS) attacks via the cart_name parameter in a save action.

More... (http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6758)