CVE-2010-1542
Multiple cross-site request forgery CSRF vulnerabilities in admin/configure.php in DFD Cart 1.198, 1.197, and earlier allow remote attackers to hijack the authentication of administrators for requests that 1 conduct cross-site scripting XSS attacks or 2 change unspecified settings...