CVE-2012-3802 - Unspecified vulnerability in the Post Affiliate Pro (PAP) module for Drupal allows remote authentica

CVE-2012-3802

Summary

Unspecified vulnerability in the Post Affiliate Pro (PAP) module for Drupal allows remote authenticated users to read the commissions of other users via unknown attack vectors.

References

http://drupal.org/node/1585648
http://www.openwall.com/lists/oss-security/2012/06/14/3
http://www.securityfocus.com/bid/53589
https://exchange.xforce.ibmcloud.com/vulnerabilities/75716

Vulnerable Configurations

cpe:2.3:a:peter_pokrivcak:post_affiliate_pro:-:*:*:*:*:*:*:*
cpe:2.3:a:peter_pokrivcak:post_affiliate_pro:-:*:*:*:*:*:*:*
cpe:2.3:a:drupal:drupal:-:*:*:*:*:*:*:*
cpe:2.3:a:drupal:drupal:-:*:*:*:*:*:*:*

CVSS

Base:	4.0 (as of 29-08-2017 - 01:32)
Impact:
Exploitability:

CWE

NVD-CWE-noinfo

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	SINGLE

Impact

Confidentiality	Integrity	Availability
PARTIAL	NONE	NONE

cvss-vector via4

AV:N/AC:L/Au:S/C:P/I:N/A:N

refmap via4

bid	53589
misc	http://drupal.org/node/1585648
mlist	[oss-security] 20120613 Re: CVE Request for Drupal contributed modules
xf	postaffiliatepro-registration-xss(75716)

Last major update

29-08-2017 - 01:32

Published

27-06-2012 - 18:55

Last modified

29-08-2017 - 01:32