Session fixation vulnerability in the Ubercart module 6.x-2.x prior to 6.x-2.13 and 7.x-3.x prior to 7.x-3.6 for Drupal, when the "Log in new customers after checkout" option is enabled, allows remote malicious users to hijack web sessions by leveraging knowledge of the original session ID.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ubercart ubercart 7.x-3.0 |
||
ubercart ubercart 6.x-2.0 |
||
ubercart ubercart 6.x-2.9 |
||
ubercart ubercart 7.x-3.5 |
||
ubercart ubercart 6.x-2.4 |
||
ubercart ubercart 6.x-2.7 |
||
ubercart ubercart 7.x-3.4 |
||
ubercart ubercart 7.x-3.3 |
||
ubercart ubercart 7.x-3.2 |
||
ubercart ubercart 6.x-2.12 |
||
ubercart ubercart 6.x-2.11 |
||
ubercart ubercart 6.x-2.10 |
||
ubercart ubercart 6.x-2.1 |
||
ubercart ubercart 6.x-2.2 |
||
ubercart ubercart 6.x-2.3 |
||
ubercart ubercart 7.x-3.1 |
||
ubercart ubercart 6.x-2.6 |
||
ubercart ubercart 6.x-2.8 |