EUVD-2009-4521

Malware in sbrugna...

Cross site request forgery (csrf)

Multiple cross-site request forgery CSRF vulnerabilities in AgoraCart 5.2.005 and 5.2.006 and AgoraCart GOLD 5.5.005 allow remote attackers to hijack the authentication of administrators for requests that 1 modify a .htaccess file via an unspecified request to protected/manager.cgi or 2 change th...

CVE-2009-4555

Multiple cross-site request forgery CSRF vulnerabilities in AgoraCart 5.2.005 and 5.2.006 and AgoraCart GOLD 5.5.005 allow remote attackers to hijack the authentication of administrators for requests that 1 modify a .htaccess file via an unspecified request to protected/manager.cgi or 2 change th...

CVE-2009-4555

CVE-2009-4555 affects AgoraCart (versions 5.2.005 and 5.2.006) and AgoraCart GOLD (5.5.005). The issue is cross-site request forgery (CSRF) vulnerabilities that allow an attacker to hijack administrator authentication for actions including (1) modifying a .htaccess file via a request to protected...

CVE-2009-4555

Multiple cross-site request forgery CSRF vulnerabilities in AgoraCart 5.2.005 and 5.2.006 and AgoraCart GOLD 5.5.005 allow remote attackers to hijack the authentication of administrators for requests that 1 modify a .htaccess file via an unspecified request to protected/manager.cgi or 2 change th...

AgoraCart agora.cgi cart_id Parameter XSS

Agora is a CGI-based, e-commerce package. Due to poor input validation, Agora allows an attacker to execute cross-site scripting attacks. %NASLMINLEVEL 70300 This script was written by Matt Moore See the Nessus Scripts License for details include'deprecatednasllevel.inc'; include'compat.inc'; if...