Cross-site request forgery (CSRF) vulnerability in cart_save.php in ViArt Shop (aka Shopping Cart) 3.5 allows remote attackers to hijack the authentication of arbitrary users for requests that conduct persistent cross-site scripting (XSS) attacks via the cart_name parameter in a save action.
References
Configurations
History
No history.
Information
Published : 2009-04-28 16:30
Updated : 2025-04-09 00:30
NVD link : CVE-2008-6758
Mitre link : CVE-2008-6758
CVE.ORG link : CVE-2008-6758
JSON object : View
Products Affected
viart
- viart_shop
CWE
CWE-352
Cross-Site Request Forgery (CSRF)