Cross-Site Request Forgery Vulnerabilities in Quick.Cart by Quick.CMS
CVE-2009-4120

Currently unrated

Key Information:

Vendor

Opensolution

Status
Quick.cart
Vendor
CVE Published:
1 December 2009

What is CVE-2009-4120?

Multiple Cross-Site Request Forgery vulnerabilities in Quick.Cart 3.4 can allow remote attackers to bypass authentication and perform unauthorized actions. Specifically, these vulnerabilities could enable attackers to delete orders through the 'orders-delete' action in admin.php, and potentially allow deletion of products or pages via unspecified methods. This could lead to significant data loss and disruption of service for affected users.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://archives.neohapsis.com/archives/fulldisclosure/200...
mailing-listx_refsource_FULLDISC
https://exchange.xforce.ibmcloud.com/vulnerabilities/54413
vdb-entryx_refsource_XF
http://www.securityfocus.com/bid/37115
vdb-entryx_refsource_BID

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.