Unrated severityNVD Advisory· Published Dec 1, 2009· Updated Jun 16, 2026
CVE-2009-4120
CVE-2009-4120
Description
Multiple cross-site request forgery (CSRF) vulnerabilities in Quick.Cart 3.4 allow remote attackers to hijack the authentication of the administrator for requests that (1) delete orders via an orders-delete action to admin.php, and possibly (2) delete products or (3) delete pages via unspecified vectors.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- cpe:2.3:a:opensolution:quick.cart:3.4:*:*:*:*:*:*:*
- Range: =3.4
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.