CVE-2009-0412
CVE-2009-0412 · HIGH Severity
AV:N/AC:L/AU:N/C:P/I:P/A:P
The ProcessLogin function in class.auth.php in Interspire Shopping Cart (ISC) 4.0.1 Ultimate edition allows remote attackers to bypass authentication and obtain administrative access by reusing the RememberToken cookie after a failed admin login attempt.
Learn more about our Web Application Penetration Testing UK.