Vulnerability Database

289,782

Total vulnerabilities in the database

CVE-2012-2301

The Ubercart module 6.x-2.x before 6.x-2.8 for Drupal allows remote authenticated users with the "administer product classes" permission to execute arbitrary PHP code via unspecified vectors.

  • Published: Nov 16, 2014
  • Updated: Apr 13, 2023
  • CVE: CVE-2012-2301
  • Severity: Medium
  • Exploit:

CVSS v2:

  • Severity: Medium
  • Score: 6
  • AV:N/AC:M/Au:S/C:P/I:P/A:P

CWEs:

Software From Fixed in
ubercart / ubercart 6.x-2.4 6.x-2.4.x
ubercart / ubercart 6.x-2.7 6.x-2.7.x
ubercart / ubercart 6.x-2.2 6.x-2.2.x
ubercart / ubercart 6.x-2.1 6.x-2.1.x
ubercart / ubercart 6.x-2.3 6.x-2.3.x
ubercart / ubercart 6.x-2.6 6.x-2.6.x
ubercart / ubercart 6.x-2.0 6.x-2.0.x