Secunia Security Advisory – Russ McRee has discovered some vulnerabilities in DFD Cart, which can be exploited by malicious people to conduct cross-site scripting and cross-site request forgery attacks.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/86862/sa38635.txt
Source: https://packetstormsecurity.com/files/86862/Secunia-Security-Advisory-38635.html