Code injection

2010-04-2014:30:00

PRIOn knowledge base

www.prio-n.com

6.5 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

65.8%

JSON

Unspecified vulnerability in the PayPal Website Payments Standard functionality in the Ubercart module 5.x before 5.x-1.9 and 6.x before 6.x-2.1 for Drupal, when a custom checkout completion message is enabled, allows attackers to obtain sensitive information via unknown vectors.

CPENameOperatorVersion
ubercarteq5.x-1.0 rc2
ubercarteq5.x-1.0 beta5
ubercarteq5.x-1.0 alpha7d
ubercarteq5.x-1.0 alpha7c
ubercarteq5.x-1.0 alpha2
ubercarteq5.x-1.0 beta2
ubercarteq5.x-1.0 rc5
ubercarteq5.x-1.0 alpha6b
ubercarteq5.x-1.0 alpha6c
ubercarteq5.x-1.0 rc3

Name	Operator	Version
ubercart	eq	5.x-1.0 rc2
ubercart	eq	5.x-1.0 beta5
ubercart	eq	5.x-1.0 alpha7d
ubercart	eq	5.x-1.0 alpha7c
ubercart	eq	5.x-1.0 alpha2
ubercart	eq	5.x-1.0 beta2
ubercart	eq	5.x-1.0 rc5
ubercart	eq	5.x-1.0 alpha6b
ubercart	eq	5.x-1.0 alpha6c
ubercart	eq	5.x-1.0 rc3

Rows per page:

1-10 of 511

References

osvdb.org/60291

secunia.com/advisories/37440

www.securityfocus.com/bid/37058

drupal.org/node/636576

exchange.xforce.ibmcloud.com/vulnerabilities/54345