Vulnerabilities > Ubercart

DATE CVE VULNERABILITY TITLE RISK
2010-04-20 CVE-2009-4772 Information Disclosure vulnerability in Ubercart
Unspecified vulnerability in the PayPal Website Payments Standard functionality in the Ubercart module 5.x before 5.x-1.9 and 6.x before 6.x-2.1 for Drupal, when a custom checkout completion message is enabled, allows attackers to obtain sensitive information via unknown vectors.
network
ubercart drupal
4.3
2010-04-20 CVE-2009-4771 Improper Input Validation vulnerability in Ubercart
The PayPal Website Payments Standard functionality in the Ubercart module 5.x before 5.x-1.9 and 6.x before 6.x-2.1 for Drupal does not properly validate orders, which allows remote attackers to trigger unspecified "duplicate actions" via unknown vectors.
network
low complexity
ubercart drupal CWE-20
5.0