RSS   Vulnerabilities for 'Ubercart module'   RSS

2008-04-27
 
CVE-2008-1978

CWE-79
 

 
Cross-site scripting (XSS) vulnerability in the Ubercart 5.x before 5.x-1.0 rc3 module for Drupal allows remote authenticated users to inject arbitrary web script or HTML via node titles related to unspecified product features, a different vector than CVE-2008-1428.

 
2008-04-23
 
CVE-2008-1916

CWE-79
 

 
Multiple cross-site scripting (XSS) vulnerabilities in the Ubercart 5.x before 5.x-1.0-rc1 module for Drupal allow remote attackers to inject arbitrary web script or HTML via text fields intended for the (1) address and (2) order information, which are later displayed on the order view page and unspecified other administrative pages, a different vulnerability than CVE-2008-1428.

 
2008-03-20
 
CVE-2008-1428

CWE-79
 

 
Multiple cross-site scripting (XSS) vulnerabilities in the Ubercart 5.x before 5.x-1.0-beta7 module for Drupal allow remote attackers to inject arbitrary web script or HTML via a text attribute value for a product.

 
2007-10-22
 
CVE-2007-5621

CWE-79
 

 
Multiple cross-site scripting (XSS) vulnerabilities in the Token module before 4.7.x-1.5, and 5.x before 5.x-1.9, for Drupal; as used by the ASIN Field, e-Commerce, Fullname field for CCK, Invite, Node Relativity, Pathauto, PayPal Node, and Ubercart modules; allow remote authenticated users with a post comments privilege to inject arbitrary web script or HTML via unspecified vectors related to (1) comments, (2) vocabulary names, (3) term names, and (4) usernames.

 

 >>> Vendor: Drupal 139 Products
Drupal
Form mail module
Job search
Bibliography module
Recipe module
Drupal easylinks module
Drupal e-commerce module
Drupal pathauto module
Drupal pubcookie module
Drupal userreview module
Search keyword module
Site profile directory module
Extended tracker
Cvs management and tracker
Chatroom module
Help tip module
Drupal project
Drupal project issue tracking
Drupal mysite
Imce module
Project
Project issue tracking module
Acidfree
Textimage
Secure site module
Audio module
Getid3
Mediafield module
Nodefamily
Database administration module
Print module
Forward module
Logintoboggan module
Content construction kit
Weblinks
Asin field module
E-commerce module
Fullname field for cck
Invite module
Node relativity module
Pathauto module
Paypal node module
Token module
Ubercart module
Shoutbox
Feature module
Meta tags module
Bueditor
Atom module
Fileshare module
Archive module
Workflow
Comment upload module
Openid
Userpoints module
Header image
Webform module
Internationalization
Localizer
E-publish
Site documentation module
Node hierarchy module
Magic tabs module
Taxonomy image module
Trailscout module
Aggregation module
Taxonomy autotagger module
Organic groups module
Outline designer module
Tinytax taxonomy block module
Suggested terms module
Upload module
Mailsave
Mailhandler
Link to us
TALK
Brilliant gallery
Shindig-integrator
Node clone
Stock module
Ajax checklist
Views
Everyblog
Semantically interconnected online communities
Localization client
Localization server
User karma module
Storm
Comment mail
Views bulk operations
Link module
Protected node module
Taxonomy theme module
Tasklist
Plus1
Print
Feedapi mapper
Cck comment reference
News page
Nodeaccess userreference
See all Products for Vendor Drupal


Copyright 2018, cxsecurity.com

 

Back to Top