EUVD-2015-4391

Malware in sbrugna...

CVE-2015-4368

The Commerce Ogone module 7.x-1.x before 7.x-1.5 for Drupal allows remote attackers to complete the checkout for an order without paying via unspecified vectors...

Buffer overflow

The Commerce Ogone module 7.x-1.x before 7.x-1.5 for Drupal allows remote attackers to complete the checkout for an order without paying via unspecified vectors...

CVE-2015-4368

The Commerce Ogone module 7.x-1.x before 7.x-1.5 for Drupal allows remote attackers to complete the checkout for an order without paying via unspecified vectors...

CVE-2015-4368

CVE-2015-4368 affects the Drupal Commerce Ogone module (7.x-1.x) prior to 7.x-1.5. The vulnerability allows malicious users to bypass the payment step and complete the checkout without a payment being processed, via unspecified vectors described in the advisory and CVE records. The root cause is ...

Drupal Commerce Ogone Module Access Bypass Vulnerability

Drupal is a free, open source content management system developed in PHP and maintained by the Drupal community. commerce Ogone is one of the e-commerce modules that integrates Ogone payment system. An access bypass vulnerability exists in the Drupal Commerce Ogone module. An attacker could use...

SA-CONTRIB-2015-072 - Commerce Ogone - Access bypass

This module enables you to use Ogone Ingenico as a payment method for Drupal Commerce. Malicious users can trick Commerce Ogone into proceeding with the checkout process without actually going through the Ogone payment process, causing the order status to be set to checkout complete, even though ...

SA-CONTRIB-2010-062 - Ogone | Ubercart payment - Access Bypass

Ogone | Ubercart payment is a payment module for Ubercart that integrates Ogone PSP gateway as a checkout method for Ubercart. The module does not always correctly verify the order status returned by the Ogone gateway, potentially allowing unpaid orders to be processed. Versions affected Ogone |...