Unrated severityNVD Advisory· Published Feb 3, 2009· Updated Jun 16, 2026
CVE-2009-0412
CVE-2009-0412
Description
The ProcessLogin function in class.auth.php in Interspire Shopping Cart (ISC) 4.0.1 Ultimate edition allows remote attackers to bypass authentication and obtain administrative access by reusing the RememberToken cookie after a failed admin login attempt.
Affected products
2cpe:2.3:a:interspire:shopping_cart:4.0.1:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:interspire:shopping_cart:4.0.1:*:*:*:*:*:*:*
- (no CPE)range: 4.0.1 Ultimate edition
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.