CVE-2020-27975

osCommerce Phoenix CE before 1.0.5.4 allows admin/definelanguage.php CSRF...

CVE-2020-27975

CVE-2020-27975 affects osCommerce Phoenix CE prior to 1.0.5.4, with a Cross-Site Request Forgery in admin/define_language.php. The vulnerability is documented across multiple feeds (NVD entry and Red Hat/CNVD mirrors) as CSRF, indicating that unauthenticated or unintended requests could affect la...