Description osCommerce Phoenix CE before 1.0.5.4 allows admin/define_language.php CSRF. Remediation References CVE-2020-27975 Related Vulnerabilities MySQL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2006-0369) TYPO3 7PK - Security Features Vulnerability (CVE-2016-5091) WordPress Plugin Contact Form by WD-responsive drag & drop contact form builder tool Security Bypass (1.7.14) MySQL CVE-2018-3170 Vulnerability (CVE-2018-3170) Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2013-2071) Severity High Classification CVE-2020-27975 CWE-352 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Tags Missing Update Known Vulnerabilities