Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
drupal ubercart module vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2015-5504
SQL injection vulnerability in the Novalnet Payment Module Ubercart module for Drupal allows remote malicious users to execute arbitrary SQL commands via unspecified vectors.
Novalnet Novalnet Payment Module Ubercart-
NA
CVE-2015-4354
Cross-site scripting (XSS) vulnerability in the Ubercart Webform Integration module prior to 6.x-1.8 and 7.x prior to 7.x-2.4 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via unspecified vectors.
Ubercart Webform Integration Project Ubercart Webform Integration 7.x-1.0
Ubercart Webform Integration Project Ubercart Webform Integration 6.x-1.0
Ubercart Webform Integration Project Ubercart Webform Integration 7.x-2.0
NA
CVE-2015-4384
Cross-site scripting (XSS) vulnerability in the Ubercart Webform Checkout Pane module 6.x-3.x prior to 6.x-3.10 and 7.x-3.x prior to 7.x-3.11 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via unspecified vectors.
Ubercart Webform Checkout Pane Project Ubercart Webform Checkout Pane 6.x-3.x
Ubercart Webform Checkout Pane Project Ubercart Webform Checkout Pane 7.x-3.x
NA
CVE-2015-4358
Cross-site scripting (XSS) vulnerability in unspecified administration pages in the Ubercart Discount Coupons module 6.x-1.x prior to 6.x-1.8 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via vectors related to taxono...
Ubercart Discount Coupons Project Ubercart Discount Coupons 6.x-1.4
Ubercart Discount Coupons Project Ubercart Discount Coupons 6.x-1.5
Ubercart Discount Coupons Project Ubercart Discount Coupons 6.x-1.6
Ubercart Discount Coupons Project Ubercart Discount Coupons 6.x-1.7
Ubercart Discount Coupons Project Ubercart Discount Coupons 6.x-1.0
Ubercart Discount Coupons Project Ubercart Discount Coupons 6.x-1.2
Ubercart Discount Coupons Project Ubercart Discount Coupons 6.x-1.1
Ubercart Discount Coupons Project Ubercart Discount Coupons 6.x-1.3
NA
CVE-2015-3342
Open redirect vulnerability in the Ubercart Currency Conversion module prior to 6.x-1.2 for Drupal allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the destination query parameter.
Ubercart Currency Conversion Project Ubercart Currency Conversion
NA
CVE-2014-9026
The Ubercart module 7.x-3.x prior to 7.x-3.7 for Drupal does not properly protect the per-user order history view, which allows remote authenticated users with the "view own orders" permission to obtain sensitive information via unspecified vectors.
Ubercart Ubercart 7.x-3.0
Ubercart Ubercart 7.x-3.6
Ubercart Ubercart 7.x-3.7
Ubercart Ubercart 7.x-3.3
Ubercart Ubercart 7.x-3.5
Ubercart Ubercart 7.x-3.1
Ubercart Ubercart 7.x-3.x-dev
Ubercart Ubercart 7.x-3.2
Ubercart Ubercart 7.x-3.4
NA
CVE-2012-2301
The Ubercart module 6.x-2.x prior to 6.x-2.8 for Drupal allows remote authenticated users with the "administer product classes" permission to execute arbitrary PHP code via unspecified vectors.
Ubercart Ubercart 6.x-2.0
Ubercart Ubercart 6.x-2.2
Ubercart Ubercart 6.x-2.1
Ubercart Ubercart 6.x-2.3
Ubercart Ubercart 6.x-2.4
Ubercart Ubercart 6.x-2.6
Ubercart Ubercart 6.x-2.7
NA
CVE-2013-7302
Session fixation vulnerability in the Ubercart module 6.x-2.x prior to 6.x-2.13 and 7.x-3.x prior to 7.x-3.6 for Drupal, when the "Log in new customers after checkout" option is enabled, allows remote malicious users to hijack web sessions by leveraging knowledge of the...
Ubercart Ubercart 7.x-3.0
Ubercart Ubercart 6.x-2.0
Ubercart Ubercart 6.x-2.9
Ubercart Ubercart 7.x-3.5
Ubercart Ubercart 6.x-2.4
Ubercart Ubercart 6.x-2.7
Ubercart Ubercart 7.x-3.4
Ubercart Ubercart 7.x-3.3
Ubercart Ubercart 7.x-3.2
Ubercart Ubercart 6.x-2.12
Ubercart Ubercart 6.x-2.11
Ubercart Ubercart 6.x-2.10
Ubercart Ubercart 6.x-2.1
Ubercart Ubercart 6.x-2.2
Ubercart Ubercart 6.x-2.3
Ubercart Ubercart 7.x-3.1
Ubercart Ubercart 6.x-2.6
Ubercart Ubercart 6.x-2.8
NA
CVE-2013-0321
Cross-site scripting (XSS) vulnerability in Views in the Ubercart Views (uc_views) module 6.x prior to 6.x-3.3 for Drupal allows remote malicious users to inject arbitrary web script or HTML via the full name field.
Ubercart Views Project Uc Views 6.x-3.2
Ubercart Views Project Uc Views 6.x-3.0
Ubercart Views Project Uc Views 6.x-1.x
Ubercart Views Project Uc Views 6.x-3.x
Ubercart Views Project Uc Views 6.x-2.0
Ubercart Views Project Uc Views 6.x-1.1
Ubercart Views Project Uc Views 6.x-1.0
Ubercart Views Project Uc Views 6.x-3.1
NA
CVE-2013-0322
Cross-site scripting (XSS) vulnerability in Views in the Ubercart module 7.x-3.x prior to 7.x-3.4 for Drupal allows remote malicious users to inject arbitrary web script or HTML via the full name field.
Ubercart Ubercart 7.x-3.0
Ubercart Ubercart 7.x-3.1
Ubercart Ubercart 7.x-3.2
Ubercart Ubercart 7.x-3.3
1 Article
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »