CVE-2009-4120
CVE-2009-4120 concerns CSRF flaws in Quick.Cart 3.4, enabling an attacker to hijack an administrator’s session and perform privileged actions such as (1) deleting orders via an orders-delete action to admin.php, and possibly (2) deleting products or (3) deleting pages through unspecified vectors....