Unrated severityNVD Advisory· Published Apr 29, 2010· Updated Jun 16, 2026
CVE-2010-1611
CVE-2010-1611
Description
Cross-site request forgery (CSRF) vulnerability in AlegroCart 1.1 allows remote attackers to hijack the authentication of the administrator for requests that reset the administrator password via a POST to admin/ with an update action.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:a:alegrocart:alegrocart:1.1:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:alegrocart:alegrocart:1.1:*:*:*:*:*:*:*
- (no CPE)range: =1.1
Patches
Vulnerability mechanics
References
5- forum.alegrocart.com/viewtopic.phpnvdPatchVendor Advisory
- packetstormsecurity.org/1002-exploits/alegrocart-xsrf.txtnvdExploit
- secunia.com/advisories/38386nvdVendor Advisory
- osvdb.org/62073nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/56037nvd
News mentions
0No linked articles in our index yet.