Vulnerabilities > Shipwire API Project > Shipwire API
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2015-08-18 | CVE-2015-5498 | Permissions, Privileges, and Access Controls vulnerability in Shipwire API Project Shipwire API 7.X1.0/7.X1.01/7.X1.02 The Shipwire API module 7.x-1.x before 7.x-1.03 for Drupal does not check the view permission for the shipments overview (admin/shipwire/shipments), which allows remote attackers to obtain sensitive information via a request to the page. | 5.0 |