Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
drupal ubercart module vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-1428
Multiple cross-site scripting (XSS) vulnerabilities in the Ubercart 5.x prior to 5.x-1.0-beta7 module for Drupal allow remote malicious users to inject arbitrary web script or HTML via a text attribute value for a product.
Drupal Ubercart Module
NA
CVE-2008-1916
Multiple cross-site scripting (XSS) vulnerabilities in the Ubercart 5.x prior to 5.x-1.0-rc1 module for Drupal allow remote malicious users to inject arbitrary web script or HTML via text fields intended for the (1) address and (2) order information, which are later displayed on ...
Drupal Ubercart Module 5-1.0
NA
CVE-2007-5621
Multiple cross-site scripting (XSS) vulnerabilities in the Token module prior to 4.7.x-1.5, and 5.x prior to 5.x-1.9, for Drupal; as used by the ASIN Field, e-Commerce, Fullname field for CCK, Invite, Node Relativity, Pathauto, PayPal Node, and Ubercart modules; allow remote auth...
Drupal Drupal 5.2
Drupal E-commerce Module
Drupal Token Module
Drupal Asin Field Module
Drupal Drupal 4.7
Drupal Node Relativity Module
Drupal Pathauto Module
Drupal Drupal 5.0
Drupal Drupal 5.1
Drupal Paypal Node Module
Drupal Ubercart Module
Drupal Fullname Field For Cck
Drupal Invite Module
NA
CVE-2015-5504
SQL injection vulnerability in the Novalnet Payment Module Ubercart module for Drupal allows remote malicious users to execute arbitrary SQL commands via unspecified vectors.
Novalnet Novalnet Payment Module Ubercart-
NA
CVE-2012-2301
The Ubercart module 6.x-2.x prior to 6.x-2.8 for Drupal allows remote authenticated users with the "administer product classes" permission to execute arbitrary PHP code via unspecified vectors.
Ubercart Ubercart 6.x-2.0
Ubercart Ubercart 6.x-2.2
Ubercart Ubercart 6.x-2.1
Ubercart Ubercart 6.x-2.3
Ubercart Ubercart 6.x-2.4
Ubercart Ubercart 6.x-2.6
Ubercart Ubercart 6.x-2.7
NA
CVE-2013-7302
Session fixation vulnerability in the Ubercart module 6.x-2.x prior to 6.x-2.13 and 7.x-3.x prior to 7.x-3.6 for Drupal, when the "Log in new customers after checkout" option is enabled, allows remote malicious users to hijack web sessions by leveraging knowledge of the...
Ubercart Ubercart 7.x-3.0
Ubercart Ubercart 6.x-2.0
Ubercart Ubercart 6.x-2.9
Ubercart Ubercart 7.x-3.5
Ubercart Ubercart 6.x-2.4
Ubercart Ubercart 6.x-2.7
Ubercart Ubercart 7.x-3.4
Ubercart Ubercart 7.x-3.3
Ubercart Ubercart 7.x-3.2
Ubercart Ubercart 6.x-2.12
Ubercart Ubercart 6.x-2.11
Ubercart Ubercart 6.x-2.10
Ubercart Ubercart 6.x-2.1
Ubercart Ubercart 6.x-2.2
Ubercart Ubercart 6.x-2.3
Ubercart Ubercart 7.x-3.1
Ubercart Ubercart 6.x-2.6
Ubercart Ubercart 6.x-2.8
NA
CVE-2009-4771
The PayPal Website Payments Standard functionality in the Ubercart module 5.x prior to 5.x-1.9 and 6.x prior to 6.x-2.1 for Drupal does not properly validate orders, which allows remote malicious users to trigger unspecified "duplicate actions" via unknown vectors.
Ubercart Ubercart 5.x-1.8
Ubercart Ubercart 5.x-1.2
Ubercart Ubercart 5.x-1.1
Ubercart Ubercart 5.x-1.0
Ubercart Ubercart 6.x-2.0
Ubercart Ubercart 5.x-1.7
Ubercart Ubercart 5.x-1.6
Ubercart Ubercart 5.x-1.3
Ubercart Ubercart 5.x-1.5
Ubercart Ubercart 5.x-1.4
NA
CVE-2009-4773
Cross-site request forgery (CSRF) vulnerability in the order-management functionality in the Ubercart module 5.x prior to 5.x-1.9 and 6.x prior to 6.x-2.1 for Drupal allows remote malicious users to hijack the authentication of unspecified victims via unknown vectors.
Ubercart Ubercart 5.x-1.2
Ubercart Ubercart 5.x-1.1
Ubercart Ubercart 5.x-1.0
Ubercart Ubercart 6.x-2.0
Ubercart Ubercart 5.x-1.5
Ubercart Ubercart 5.x-1.4
Ubercart Ubercart 5.x-1.3
Ubercart Ubercart 5.x-1.8
Ubercart Ubercart 5.x-1.7
Ubercart Ubercart 5.x-1.6
NA
CVE-2009-4772
Unspecified vulnerability in the PayPal Website Payments Standard functionality in the Ubercart module 5.x prior to 5.x-1.9 and 6.x prior to 6.x-2.1 for Drupal, when a custom checkout completion message is enabled, allows malicious users to obtain sensitive information via unknow...
Ubercart Ubercart 5.x-1.5
Ubercart Ubercart 5.x-1.4
Ubercart Ubercart 5.x-1.0
Ubercart Ubercart 6.x-2.0
Ubercart Ubercart 5.x-1.8
Ubercart Ubercart 5.x-1.2
Ubercart Ubercart 5.x-1.1
Ubercart Ubercart 5.x-1.7
Ubercart Ubercart 5.x-1.6
Ubercart Ubercart 5.x-1.3
NA
CVE-2014-9026
The Ubercart module 7.x-3.x prior to 7.x-3.7 for Drupal does not properly protect the per-user order history view, which allows remote authenticated users with the "view own orders" permission to obtain sensitive information via unspecified vectors.
Ubercart Ubercart 7.x-3.0
Ubercart Ubercart 7.x-3.6
Ubercart Ubercart 7.x-3.7
Ubercart Ubercart 7.x-3.3
Ubercart Ubercart 7.x-3.5
Ubercart Ubercart 7.x-3.1
Ubercart Ubercart 7.x-3.x-dev
Ubercart Ubercart 7.x-3.2
Ubercart Ubercart 7.x-3.4
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »