CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2014-9026

The Ubercart module 7.x-3.x before 7.x-3.7 for Drupal does not properly protect the per-user order history view, which allows remote authenticated users with the "view own orders" permission to obtain sensitive information via unspecified vectors.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 39.9%

CVSS Severity

CVSS v2 Score 4.0

References

Products affected by CVE-2014-9026

Ubercart » Ubercart » Version: 7.x-3.0

cpe:2.3:a:ubercart:ubercart:7.x-3.0
Ubercart » Ubercart » Version: 7.x-3.1

cpe:2.3:a:ubercart:ubercart:7.x-3.1
Ubercart » Ubercart » Version: 7.x-3.2

cpe:2.3:a:ubercart:ubercart:7.x-3.2
Ubercart » Ubercart » Version: 7.x-3.3

cpe:2.3:a:ubercart:ubercart:7.x-3.3
Ubercart » Ubercart » Version: 7.x-3.4

cpe:2.3:a:ubercart:ubercart:7.x-3.4
Ubercart » Ubercart » Version: 7.x-3.5

cpe:2.3:a:ubercart:ubercart:7.x-3.5
Ubercart » Ubercart » Version: 7.x-3.6

cpe:2.3:a:ubercart:ubercart:7.x-3.6
Ubercart » Ubercart » Version: 7.x-3.7

cpe:2.3:a:ubercart:ubercart:7.x-3.7
Ubercart » Ubercart » Version: 7.x-3.x-dev

cpe:2.3:a:ubercart:ubercart:7.x-3.x-dev

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2014-9026

Products

Pricing

Contact Us