CVE-2014-9026
20.11.2014, 17:50
The Ubercart module 7.x-3.x before 7.x-3.7 for Drupal does not properly protect the per-user order history view, which allows remote authenticated users with the "view own orders" permission to obtain sensitive information via unspecified vectors.Enginsight
| Vendor | Product | Version |
|---|---|---|
| ubercart | ubercart | 7.x-3.0:x |
| ubercart | ubercart | 7.x-3.0:x |
| ubercart | ubercart | 7.x-3.0:x |
| ubercart | ubercart | 7.x-3.0:x |
| ubercart | ubercart | 7.x-3.0:x |
| ubercart | ubercart | 7.x-3.0:x |
| ubercart | ubercart | 7.x-3.0:x |
| ubercart | ubercart | 7.x-3.0:x |
| ubercart | ubercart | 7.x-3.0:x |
| ubercart | ubercart | 7.x-3.0:x |
| ubercart | ubercart | 7.x-3.0:x |
| ubercart | ubercart | 7.x-3.0:x |
| ubercart | ubercart | 7.x-3.1:x |
| ubercart | ubercart | 7.x-3.2:x |
| ubercart | ubercart | 7.x-3.3:x |
| ubercart | ubercart | 7.x-3.4:x |
| ubercart | ubercart | 7.x-3.5:x |
| ubercart | ubercart | 7.x-3.6:x |
| ubercart | ubercart | 7.x-3.7:x |
| ubercart | ubercart | 7.x-3.x-dev:x |
𝑥
= Vulnerable software versions
Common Weakness Enumeration