Vulnerabilities > Ubercart > Ubercart > 7.x.3.x.dev
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2014-11-20 | CVE-2014-9026 | Permissions, Privileges, and Access Controls vulnerability in Ubercart The Ubercart module 7.x-3.x before 7.x-3.7 for Drupal does not properly protect the per-user order history view, which allows remote authenticated users with the "view own orders" permission to obtain sensitive information via unspecified vectors. | 4.0 |