Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 12:43 a.m.8 views

CVE-2015-7231

The Commerce Commonwealth CBA module 7.x-1.x before 7.x-1.5 for Drupal does not properly validate payments, which allows remote attackers to make a failed payment appear valid via a crafted URL, related to a "response from commweb."...

5CVSS7AI score0.01054EPSS
Exploits0References1
Cvelist
Cvelist
added 2015/09/17 4:0 p.m.24 views

CVE-2015-7231

The Commerce Commonwealth CBA module 7.x-1.x before 7.x-1.5 for Drupal does not properly validate payments, which allows remote attackers to make a failed payment appear valid via a crafted URL, related to a "response from commweb."...

6.6AI score0.01054EPSS
Exploits0References2
CVE
CVE
added 2015/09/17 4:0 p.m.51 views

CVE-2015-7231

The Drupal Commerce Commonwealth (CBA) module for Drupal 7.x-1.x is affected by an input validation flaw in payment processing. Specifically, versions prior to 7.x-1.5 do not sufficiently validate gateway interactions, allowing a remote attacker to craft a URL that makes a failed payment appear v...

5CVSS6.8AI score0.01054EPSS
Exploits0References2Affected Software1
Drupal
Drupal
added 2015/08/05 12:0 a.m.27 views

Commerce Commonwealth (CBA) - Moderately Critical - Insufficient Verification of API Data - SA-CONTRIB-2015-136

This module enables you to pay for items on Drupal Commerce, using Commerce Commonwealth payment gateway. The module doesn't sufficiently validate the payment under certain specific scenarios. A malicious user can modify the urls used in gateway interaction with Commbank to make a failed payment...

5CVSS6.3AI score0.01054EPSS
Exploits0References10
Rows per page
Query Builder