Lucene search
K
DrupalUbercart Module

4 matches found

CVE
CVE
added 2007/10/22 7:0 p.m.57 views

CVE-2007-5621

CVE-2007-5621 involves multiple cross-site scripting (XSS) vulnerabilities in the Drupal Token module. Affected are Token versions before 4.7.x-1.5 and 5.x before 5.x-1.9, as used by modules such as ASIN Field, e-Commerce, Fullname field for CCK, Invite, Node Relativity, Pathauto, PayPal Node, an...

3.5CVSS5.5AI score0.00842EPSS
CVE
CVE
added 2008/04/27 8:0 p.m.56 views

CVE-2008-1978

The CVE-2008-1978 entry describes an XSS vulnerability in the Ubercart 5.x for Drupal, specifically in the Ubercart 5.x before 5.x-1.0 rc3 module. The issue allows remote authenticated users to inject arbitrary web script or HTML via node titles related to unspecified product features (a vector d...

3.5CVSS5.2AI score0.00868EPSS
CVE
CVE
added 2008/03/20 6:0 p.m.49 views

CVE-2008-1428

CVE-2008-1428 refers to multiple XSS vulnerabilities in the Ubercart 5.x for Drupal, exploitable via a text attribute value for a product. Affected release: Ubercart 5.x before 5.x-1.0-beta7. Connected documents confirm related Ubercart XSS CVEs with different vectors (e.g., node titles, address/...

4.3CVSS5.6AI score0.01022EPSS
CVE
CVE
added 2008/04/22 12:0 a.m.45 views

CVE-2008-1916

CVE-2008-1916 is an XSS vulnerability in Ubercart 5.x for Drupal, exploitable via text fields for address and order information that are displayed on the order view and other admin pages. The connected PRION entries corroborate the vector as text attribute values for product-related fields, with ...

4.3CVSS5.8AI score0.01022EPSS