Cross-site request forgery (CSRF) vulnerability in VirtueMart 1.0.13a and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.
https://exchange.xforce.ibmcloud.com/vulnerabilities/40117
http://virtuemart.net/index.php?option=com_content&task=view&id=276&Itemid=127