Vulnerability Database

289,782

Total vulnerabilities in the database

CVE-2013-7302

Session fixation vulnerability in the Ubercart module 6.x-2.x before 6.x-2.13 and 7.x-3.x before 7.x-3.6 for Drupal, when the "Log in new customers after checkout" option is enabled, allows remote attackers to hijack web sessions by leveraging knowledge of the original session ID.

  • Published: Apr 29, 2014
  • Updated: Apr 13, 2023
  • CVE: CVE-2013-7302
  • Severity: Medium
  • Exploit:

CVSS v2:

  • Severity: Medium
  • Score: 6.8
  • AV:N/AC:M/Au:N/C:P/I:P/A:P

CWEs:

OWASP TOP 10:

Software From Fixed in
ubercart / ubercart 6.x-2.0-beta4 6.x-2.0-beta4.x
ubercart / ubercart 6.x-2.0-beta3 6.x-2.0-beta3.x
ubercart / ubercart 6.x-2.0-beta2 6.x-2.0-beta2.x
ubercart / ubercart 6.x-2.0-beta1 6.x-2.0-beta1.x
ubercart / ubercart 6.x-2.0 6.x-2.0.x
ubercart / ubercart 6.x-2.0-beta6 6.x-2.0-beta6.x
ubercart / ubercart 6.x-2.0-rc3 6.x-2.0-rc3.x
ubercart / ubercart 6.x-2.0-rc5 6.x-2.0-rc5.x
ubercart / ubercart 6.x-2.0-rc2 6.x-2.0-rc2.x
ubercart / ubercart 6.x-2.0-dev 6.x-2.0-dev.x
ubercart / ubercart 6.x-2.0-rc1 6.x-2.0-rc1.x
ubercart / ubercart 6.x-2.0-rc6 6.x-2.0-rc6.x
ubercart / ubercart 6.x-2.0-rc7 6.x-2.0-rc7.x
ubercart / ubercart 6.x-2.0-rc4 6.x-2.0-rc4.x
ubercart / ubercart 6.x-2.0-beta5 6.x-2.0-beta5.x
ubercart / ubercart 6.x-2.1 6.x-2.1.x
ubercart / ubercart 6.x-2.2 6.x-2.2.x
ubercart / ubercart 6.x-2.3 6.x-2.3.x
ubercart / ubercart 6.x-2.4 6.x-2.4.x
ubercart / ubercart 6.x-2.6 6.x-2.6.x
ubercart / ubercart 6.x-2.7 6.x-2.7.x
ubercart / ubercart 6.x-2.8 6.x-2.8.x
ubercart / ubercart 6.x-2.9 6.x-2.9.x
ubercart / ubercart 6.x-2.10 6.x-2.10.x
ubercart / ubercart 6.x-2.11 6.x-2.11.x
ubercart / ubercart 6.x-2.12 6.x-2.12.x
ubercart / ubercart 7.x-3.0-beta3 7.x-3.0-beta3.x
ubercart / ubercart 7.x-3.0-rc1 7.x-3.0-rc1.x
ubercart / ubercart 7.x-3.0-alpha3 7.x-3.0-alpha3.x
ubercart / ubercart 7.x-3.0-beta1 7.x-3.0-beta1.x
ubercart / ubercart 7.x-3.0-rc4 7.x-3.0-rc4.x
ubercart / ubercart 7.x-3.0-rc2 7.x-3.0-rc2.x
ubercart / ubercart 7.x-3.0-beta2 7.x-3.0-beta2.x
ubercart / ubercart 7.x-3.0-beta4 7.x-3.0-beta4.x
ubercart / ubercart 7.x-3.0-dev 7.x-3.0-dev.x
ubercart / ubercart 7.x-3.0-alpha2 7.x-3.0-alpha2.x
ubercart / ubercart 7.x-3.0 7.x-3.0.x
ubercart / ubercart 7.x-3.0-rc3 7.x-3.0-rc3.x
ubercart / ubercart 7.x-3.0-alpha1 7.x-3.0-alpha1.x
ubercart / ubercart 7.x-3.1 7.x-3.1.x
ubercart / ubercart 7.x-3.2 7.x-3.2.x
ubercart / ubercart 7.x-3.3 7.x-3.3.x
ubercart / ubercart 7.x-3.4 7.x-3.4.x
ubercart / ubercart 7.x-3.5 7.x-3.5.x