71 matches found
EUVD-2026-43088
vulnerability in Drupal Commerce guest registration allows . This issue affects Commerce guest registration versions:...
EUVD-2026-43062
Incorrect Authorization vulnerability in Drupal Commerce Realex / Global Payments allows Forceful Browsing. This issue affects Commerce Realex / Global Payments versions: from 0.0.0 to 3.0.2...
EUVD-2026-43115
Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Commerce Core allows Stored XSS. This issue affects Commerce Core versions: from 3.3.0 to 3.3.6...
CVE-2026-15089
vulnerability in Drupal Commerce guest registration allows . This issue affects Commerce guest registration versions:...
CVE-2026-13238
Incorrect Authorization vulnerability in Drupal Commerce Realex / Global Payments allows Forceful Browsing. This issue affects Commerce Realex / Global Payments versions: from 0.0.0 to 3.0.2...
CVE-2026-10769
Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Commerce Core allows Stored XSS. This issue affects Commerce Core versions: from 3.3.0 to 3.3.6...
CVE-2026-15089
The CVE-2026-15089 entry concerns a vulnerability in Drupal Commerce guest registration. Affected component: Drupal Commerce guest registration feature; details on affected versions are not provided beyond “. ” in the documents. The CVSS 3.1 base score is listed as 9.1 (CRITICAL) with high confid...
CVE-2026-15089 Commerce guest registration - Critical - Unsupported - SA-CONTRIB-2026-079
vulnerability in Drupal Commerce guest registration allows . This issue affects Commerce guest registration versions:...
CVE-2026-13238 Commerce Realex / Global Payments - Moderately critical - Access Bypass - SA-CONTRIB-2026-058
Incorrect Authorization vulnerability in Drupal Commerce Realex / Global Payments allows Forceful Browsing. This issue affects Commerce Realex / Global Payments versions: from 0.0.0 to 3.0.2...
CVE-2026-10769
Summary (CVE-2026-10769, Drupal Commerce Core) : Stored XSS in Drupal Commerce Core due to improper neutralization of user input during web page generation, specifically from customer comments in the order receipt email template. Affected versions: Commerce Core 3.3.0–3.3.6. Condition: installs w...
CVE-2026-10769 Commerce Core - Moderately critical - Cross site scripting - SA-CONTRIB-2026-041
Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Commerce Core allows Stored XSS. This issue affects Commerce Core versions: from 3.3.0 to 3.3.6...
CVE-2026-10769 Commerce Core - Moderately critical - Cross site scripting - SA-CONTRIB-2026-041
Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Commerce Core allows Stored XSS. This issue affects Commerce Core versions: from 3.3.0 to 3.3.6...
CVE-2026-0750
Improper Verification of Cryptographic Signature vulnerability in Drupal Drupal Commerce Paybox Commerce Paybox on Drupal 7.X allows Authentication Bypass.This issue affects Drupal Commerce Paybox: from 7-x-1.0 through 7.X-1.5...
CVE-2026-0750 Payment bypass in Commerce Paybox
Improper Verification of Cryptographic Signature vulnerability in Drupal Drupal Commerce Paybox Commerce Paybox on Drupal 7.X allows Authentication Bypass.This issue affects Drupal Commerce Paybox: from 7-x-1.0 through 7.X-1.5...
CVE-2026-0750
CVE-2026-0750 describes an authentication bypass in the Drupal Commerce Paybox module on Drupal 7.x, caused by improper verification of a cryptographic signature. Affected products/components: Drupal Commerce Paybox for Drupal 7.x, specifically versions 7-x-1.0 through 7.X-1.5. The root cause is ...
CVE-2026-0750 Payment bypass in Commerce Paybox
Improper Verification of Cryptographic Signature vulnerability in Drupal Drupal Commerce Paybox Commerce Paybox on Drupal 7.X allows Authentication Bypass.This issue affects Drupal Commerce Paybox: from 7-x-1.0 through 7.X-1.5...
Drupal Commerce Paybox security vulnerabilities
Drupal Commerce Paybox is a payment plugin for the Drupal community. There are security vulnerabilities in the Drupal Commerce Paybox versions 7-x-1.0 to 7.X-1.5. These vulnerabilities stem from improper encryption signature verification, which may lead to authentication bypasses...
PT-2026-5190
Improper Verification of Cryptographic Signature vulnerability in Drupal Drupal Commerce Paybox Commerce Paybox on Drupal 7.X allows Authentication Bypass.This issue affects Drupal Commerce Paybox: from 7-x-1.0 through 7.X-1.5...
EUVD-2014-8853
Malware in sbrugna...
EUVD-2012-1649
Malware in sbrugna...