| Max CVSS | 6.0 | Min CVSS | 2.1 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2012-2301 | 6.0 |
The Ubercart module 6.x-2.x before 6.x-2.8 for Drupal allows remote authenticated users with the "administer product classes" permission to execute arbitrary PHP code via unspecified vectors.
|
19-11-2014 - 19:34 | 16-11-2014 - 02:59 | |
| CVE-2012-2300 | 2.1 |
Multiple cross-site scripting (XSS) vulnerabilities in the Ubercart module 6.x-2.x before 6.x-2.8 and 7.x-3.x before 7.x-3.1 for Drupal allow remote authenticated users with the administer product classes permission to inject arbitrary web script or
|
15-08-2012 - 18:47 | 14-08-2012 - 22:55 | |
| CVE-2012-2299 | 2.1 |
The Ubercart module 6.x-2.x before 6.x-2.8 and 7.x-3.x before 7.x-3.1 for Drupal stores passwords for new customers in plaintext during checkout, which allows local users to obtain sensitive information by reading from the database.
|
15-08-2012 - 04:00 | 14-08-2012 - 22:55 |