HIO-2010-0207 DFD Cart Multiple Vulnerabilities

DFD Cart versions 1.197, 1.198 and earlier contain multiple flaws that allow cross-site scripting and cross-site request forgery.

1) XSS: Input passed to the "category" parameter in your.order.php and to the "category" and "list_quantity" parameters in index.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in the context of a vulnerable site.

2) CSRF: The application allows users to perform certain actions via HTTP requests sent to e.g. admin/configure.php without performing any validity checks to verify the request. This can be exploited to e.g. conduct script-insertion attacks and change certain settings by tricking an administrator into visiting a malicious website.
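The two fixes these findings call for, shown as an added PHP illustration (this is not DFD Cart's code; the helper names and the csrf_token field name are assumptions): HTML-encoding the "category" value before it is echoed, validating "list_quantity" as a bounded integer rather than echoing it, and requiring a session-bound token on state-changing admin requests such as those to admin/configure.php.

```php
<?php
// Added example, not taken from DFD Cart. Helper names are hypothetical.
declare(strict_types=1);
session_start();

// 1) XSS fix: request values must be HTML-encoded before being written back
//    into the page. ENT_QUOTES also encodes single quotes, so the value is
//    safe inside quoted attributes as well as element bodies.
function render_category(string $category): string
{
    return '<h2>Category: ' . htmlspecialchars($category, ENT_QUOTES, 'UTF-8') . '</h2>';
}

// Numeric parameters are better validated than escaped: anything that is not
// a small non-negative integer is rejected instead of reflected.
function parse_quantity(string $raw): ?int
{
    $value = filter_var($raw, FILTER_VALIDATE_INT,
        ['options' => ['min_range' => 0, 'max_range' => 1000]]);
    return $value === false ? null : $value;
}

// 2) CSRF fix: a secret token stored in the admin's session and embedded in
//    every settings form; the handler refuses requests that do not carry it.
function csrf_token(): string
{
    if (empty($_SESSION['csrf_token'])) {
        $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
    }
    return $_SESSION['csrf_token'];
}

function check_csrf_token(?string $submitted): bool
{
    // hash_equals() compares in constant time.
    return is_string($submitted)
        && !empty($_SESSION['csrf_token'])
        && hash_equals($_SESSION['csrf_token'], $submitted);
}

// Settings handler: reject any POST whose token does not match the session.
if ($_SERVER['REQUEST_METHOD'] === 'POST'
    && !check_csrf_token($_POST['csrf_token'] ?? null)) {
    http_response_code(403);
    exit('Invalid request token');
}

// Rendering path: the encoded value is safe to echo.
echo render_category($_GET['category'] ?? '');
$qty = parse_quantity($_GET['list_quantity'] ?? '') ?? 1;
```

The admin form must emit the token as a hidden field (`<input type="hidden" name="csrf_token" value="<?= htmlspecialchars(csrf_token(), ENT_QUOTES, 'UTF-8') ?>">`) so that only pages served from the authenticated session can submit a valid request.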

References:

CVE: CVE-2010-1541, CVE-2010-1542

BID: 38505

FrSIRT: N/A

Nessus: N/A

OSVDB: 62671, 62672, 62673

SA: 38635

XF: 

Related: 

Vendor Solution:
