Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2009-4771
HistoryApr 20, 2010 - 2:30 p.m.

CVE-2009-4771

2010-04-2014:30:01
CWE-20
[email protected]
web.nvd.nist.gov
21
paypal
website payments
ubercart
drupal
remote attackers
security vulnerability

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

6.9 Medium

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

75.1%

JSON

The PayPal Website Payments Standard functionality in the Ubercart module 5.x before 5.x-1.9 and 6.x before 6.x-2.1 for Drupal does not properly validate orders, which allows remote attackers to trigger unspecified “duplicate actions” via unknown vectors.

Affected configurations

NVD
Node
ubercartubercartMatch5.x-1.0
OR
ubercartubercartMatch5.x-1.0alpha1
OR
ubercartubercartMatch5.x-1.0alpha2
OR
ubercartubercartMatch5.x-1.0alpha3
OR
ubercartubercartMatch5.x-1.0alpha4
OR
ubercartubercartMatch5.x-1.0alpha5
OR
ubercartubercartMatch5.x-1.0alpha6
OR
ubercartubercartMatch5.x-1.0alpha6b
OR
ubercartubercartMatch5.x-1.0alpha6c
OR
ubercartubercartMatch5.x-1.0alpha7
OR
ubercartubercartMatch5.x-1.0alpha7b
OR
ubercartubercartMatch5.x-1.0alpha7c
OR
ubercartubercartMatch5.x-1.0alpha7d
OR
ubercartubercartMatch5.x-1.0alpha7e
OR
ubercartubercartMatch5.x-1.0alpha8
OR
ubercartubercartMatch5.x-1.0beta1
OR
ubercartubercartMatch5.x-1.0beta2
OR
ubercartubercartMatch5.x-1.0beta3
OR
ubercartubercartMatch5.x-1.0beta4
OR
ubercartubercartMatch5.x-1.0beta5
OR
ubercartubercartMatch5.x-1.0beta6
OR
ubercartubercartMatch5.x-1.0beta7
OR
ubercartubercartMatch5.x-1.0rc1
OR
ubercartubercartMatch5.x-1.0rc2
OR
ubercartubercartMatch5.x-1.0rc3
OR
ubercartubercartMatch5.x-1.0rc4
OR
ubercartubercartMatch5.x-1.0rc5
OR
ubercartubercartMatch5.x-1.1
OR
ubercartubercartMatch5.x-1.2
OR
ubercartubercartMatch5.x-1.3
OR
ubercartubercartMatch5.x-1.3rc1
OR
ubercartubercartMatch5.x-1.4
OR
ubercartubercartMatch5.x-1.5
OR
ubercartubercartMatch5.x-1.6
OR
ubercartubercartMatch5.x-1.7
OR
ubercartubercartMatch5.x-1.8
OR
ubercartubercartMatch6.x-2.0
OR
ubercartubercartMatch6.x-2.0beta1
OR
ubercartubercartMatch6.x-2.0beta2
OR
ubercartubercartMatch6.x-2.0beta3
OR
ubercartubercartMatch6.x-2.0beta4
OR
ubercartubercartMatch6.x-2.0beta5
OR
ubercartubercartMatch6.x-2.0beta6
OR
ubercartubercartMatch6.x-2.0dev
OR
ubercartubercartMatch6.x-2.0rc1
OR
ubercartubercartMatch6.x-2.0rc2
OR
ubercartubercartMatch6.x-2.0rc3
OR
ubercartubercartMatch6.x-2.0rc4
OR
ubercartubercartMatch6.x-2.0rc5
OR
ubercartubercartMatch6.x-2.0rc6
OR
ubercartubercartMatch6.x-2.0rc7
AND
drupaldrupal

Related

cvelist 1
prion 1
nvd 1
cvelist
cvelist
CVE-2009-4771
2010-04-20 14:00:00
prion
prion
Code injection
2010-04-20 14:30:00
nvd
nvd
CVE-2009-4771
2010-04-20 14:30:01

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

6.9 Medium

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

75.1%

JSON
Related for CVE-2009-4771
cvelist1prion1nvd1