osCommerce 2.3.4 Local File Inclusion / Cross Site Request Forgery

osCommerce version 2.3.4 suffers from cross site request forgery and local file inclusion vulnerabilities.

007 Software