Unrated severityNVD Advisory· Published Apr 26, 2010· Updated Apr 29, 2026
CVE-2010-1542
CVE-2010-1542
Description
Multiple cross-site request forgery (CSRF) vulnerabilities in admin/configure.php in DFD Cart 1.198, 1.197, and earlier allow remote attackers to hijack the authentication of administrators for requests that (1) conduct cross-site scripting (XSS) attacks or (2) change unspecified settings.
Affected products
12cpe:2.3:a:dragonfrugal:dfd_cart:*:*:*:*:*:*:*:*+ 11 more
- cpe:2.3:a:dragonfrugal:dfd_cart:*:*:*:*:*:*:*:*range: <=1.198
- cpe:2.3:a:dragonfrugal:dfd_cart:1.1.4:*:*:*:*:*:*:*
- cpe:2.3:a:dragonfrugal:dfd_cart:1.1.5:*:*:*:*:*:*:*
- cpe:2.3:a:dragonfrugal:dfd_cart:1.1.6:*:*:*:*:*:*:*
- cpe:2.3:a:dragonfrugal:dfd_cart:1.1.7:*:*:*:*:*:*:*
- cpe:2.3:a:dragonfrugal:dfd_cart:1.1.8:*:*:*:*:*:*:*
- cpe:2.3:a:dragonfrugal:dfd_cart:1.192:*:*:*:*:*:*:*
- cpe:2.3:a:dragonfrugal:dfd_cart:1.193:*:*:*:*:*:*:*
- cpe:2.3:a:dragonfrugal:dfd_cart:1.194:*:*:*:*:*:*:*
- cpe:2.3:a:dragonfrugal:dfd_cart:1.195:*:*:*:*:*:*:*
- cpe:2.3:a:dragonfrugal:dfd_cart:1.196:*:*:*:*:*:*:*
- cpe:2.3:a:dragonfrugal:dfd_cart:1.197:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
3- secunia.com/advisories/38635nvdVendor Advisory
- holisticinfosec.org/content/view/135/45/nvd
- osvdb.org/62673nvd
News mentions
0No linked articles in our index yet.