CVE-2012-4482

Ubercart SecureTrading Payment Method Module 6.x - Improper Payment Verification

Title source: llm
STIX 2.1

Description

The Ubercart SecureTrading Payment Method module 6.x for Drupal does not properly verify payment notification information, which allows remote attackers to purchase an item without paying via unspecified vectors.

References (3)

Core 3
Core References
Vendor Advisory x_refsource_misc
http://drupal.org/node/1679820
Mailing List mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2012/10/04/6
Mailing List mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2012/10/07/1

Scores

EPSS 0.0132
EPSS Percentile 67.5%

Details

CWE
CWE-20
Status published
Products (1)
longwaveconsulting/ubercart_securetrading_payment_method_module 6.x-1.0
Published Oct 31, 2012
Tracked Since Feb 18, 2026