Posted by upsploit advisories on Feb 10
*Advisory Information*Title: Zen-Cart Admin CSRF/XSRF - Delete / Disable Products
Date published: 2012-02-10 01:59:45 AM
upSploit Ref: UPS-2011-0018
CVE REF: CVE-2011-4403
*Advisory Summary*
An attacker can force an administrator to delete or disable products from
within his store.
*Vendor*
Zen-Cart
*Affected Software*
Zen-Cart v1.3.9h
Zen Cartâ„¢ truly is the art of e-commerce; free, user-friendly, open source
shopping cart software....