2 matches found
CVE-2013-0182
The Payment module 7.x-1.x before 7.x-1.3 for Drupal does not properly restrict access to payments, which allows remote attackers to read arbitrary payments...
CVE-2013-0182
The CVE-2013-0182 issue affects the Drupal contributed module Payment (7.x-1.x) prior to 7.x-1.3. The root cause is improper access control that lets remote attackers read other users’ payments. Impact is information disclosure of payments; Drupal core is not affected. Public details confirm the ...