CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
AI Score
Confidence
Low
EPSS
Percentile
75.0%
The PayPal Website Payments Standard functionality in the Ubercart module 5.x before 5.x-1.9 and 6.x before 6.x-2.1 for Drupal does not properly validate orders, which allows remote attackers to trigger unspecified “duplicate actions” via unknown vectors.
Vendor | Product | Version | CPE |
---|---|---|---|
ubercart | ubercart | 5.x-1.0 | cpe:2.3:a:ubercart:ubercart:5.x-1.0:*:*:*:*:*:*:* |
ubercart | ubercart | 5.x-1.0 | cpe:2.3:a:ubercart:ubercart:5.x-1.0:alpha1:*:*:*:*:*:* |
ubercart | ubercart | 5.x-1.0 | cpe:2.3:a:ubercart:ubercart:5.x-1.0:alpha2:*:*:*:*:*:* |
ubercart | ubercart | 5.x-1.0 | cpe:2.3:a:ubercart:ubercart:5.x-1.0:alpha3:*:*:*:*:*:* |
ubercart | ubercart | 5.x-1.0 | cpe:2.3:a:ubercart:ubercart:5.x-1.0:alpha4:*:*:*:*:*:* |
ubercart | ubercart | 5.x-1.0 | cpe:2.3:a:ubercart:ubercart:5.x-1.0:alpha5:*:*:*:*:*:* |
ubercart | ubercart | 5.x-1.0 | cpe:2.3:a:ubercart:ubercart:5.x-1.0:alpha6:*:*:*:*:*:* |
ubercart | ubercart | 5.x-1.0 | cpe:2.3:a:ubercart:ubercart:5.x-1.0:alpha6b:*:*:*:*:*:* |
ubercart | ubercart | 5.x-1.0 | cpe:2.3:a:ubercart:ubercart:5.x-1.0:alpha6c:*:*:*:*:*:* |
ubercart | ubercart | 5.x-1.0 | cpe:2.3:a:ubercart:ubercart:5.x-1.0:alpha7:*:*:*:*:*:* |