3 matches found
CVE-2013-1924
Commerce Skrill Formerly Moneybookers has an Access bypass vulnerability in all versions prior to 7.x-1.2...
CVE-2013-1924
The CVE-2013-1924 vulnerability affects the Commerce Skrill (Formerly Moneybookers) contributed module for Drupal, with an access bypass in the IPN processing that could allow forged notifications to be accepted. It affects all versions prior to 7.x-1.2; Drupal core is not affected. The fix is to...
SA-CONTRIB-2013-040 - Commerce Skrill (Formerly Moneybookers) - Access bypass
This module integrates the Skrill online payment services with Drupal Commerce. When processing Instant payment notifications IPN, the "Moneybookers enterprise" payment method provided by the Commerce Skrill contributed module does not perform sufficient access checking, potentially allowing forg...