CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11 matches found

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2015-3429

Malware in sbrugna...

3.5CVSS6.4AI score0.00209EPSS

Exploits0References4

NVD•added 2015/04/21 6:59 p.m.•12 views

CVE-2015-3388

Cross-site request forgery CSRF vulnerability in the Commerce Balanced Payments module for Drupal allows remote attackers to hijack the authentication of arbitrary users for requests that delete the user's configured bank accounts via unspecified vectors...

5.8CVSS7.2AI score0.00126EPSS

Exploits0References3

NVD•added 2015/04/21 6:59 p.m.•11 views

CVE-2015-3384

Cross-site scripting XSS vulnerability in the Bank Account Listing Page in the Commerce Balanced Payments module for Drupal allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...

3.5CVSS5.2AI score0.00209EPSS

Exploits0References3

Prion•added 2015/04/21 6:59 p.m.•12 views

Cross site request forgery (csrf)

5.8CVSS7.7AI score0.00126EPSS

Exploits0References3Affected Software1

Prion•added 2015/04/21 6:59 p.m.•14 views

Cross site scripting

3.5CVSS5.7AI score0.00209EPSS

Exploits0References3Affected Software1

CVE•added 2015/04/21 6:0 p.m.•41 views

CVE-2015-3384

CVE-2015-3384 is a Cross-Site Scripting (XSS) vulnerability in the Drupal Commerce Balanced Payments module, specifically affecting the Bank Account Listing Page. The root cause is insufficient sanitization of user-supplied text in that page, enabling remote authenticated users to inject arbitrar...

3.5CVSS5.4AI score0.00209EPSS

Exploits0References3Affected Software1

CVE•added 2015/04/21 6:0 p.m.•43 views

CVE-2015-3388

CVE-2015-3388 affects Drupal’s Commerce Balanced Payments module. A CSRF flaw allows an attacker to hijack a user’s session to trigger requests that delete the user’s configured bank accounts via unspecified vectors. Public advisories indicate CSRF (and related XSS) in Commerce Balanced Payments ...

5.8CVSS7.4AI score0.00126EPSS

Exploits0References3Affected Software1

Cvelist•added 2015/04/21 6:0 p.m.•16 views

CVE-2015-3384

5.2AI score0.00209EPSS

Exploits0References3

Cvelist•added 2015/04/21 6:0 p.m.•16 views

CVE-2015-3388

7.2AI score0.00126EPSS

Exploits0References3

CNVD•added 2015/03/05 12:0 a.m.•1 views

Multiple Vulnerabilities in Drupal Commerce Balanced Payments Module

Drupal is a free, open source content management system developed in PHP and maintained by the Drupal community.Commerce Balanced Payments is one of the payment modules. A cross-site scripting vulnerability and a cross-site request forgery vulnerability exists in the Drupal Commerce Balanced...

5.8CVSS6.9AI score0.00126EPSS

Exploits0References1

Drupal•added 2015/02/11 12:0 a.m.•13 views

SA-CONTRIB-2015-043 - Commerce Balanced Payments - Multiple vulnerabilities

Commerce Balanced Payments module integrates Drupal Commerce with the Balanced Payments third-party service. The module doesn't sufficiently sanitize user supplied text in the Bank Account Listing Page, thereby exposing a Cross Site Scripting vulnerability. Also, some URLs were not protected...

5.8CVSS5.9AI score0.00209EPSS

Exploits0References8

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by