← Back

CVE-2009-4771

nvd nist
Published: Apr 20, 2010Modified: Apr 29, 2026

JSON object

Loading...
5.0
Vector
AV:N/AC:L/Au:N/C:N/I:P/A:N
Exploitability: 10.0 / Impact: 2.9
Source: NVD

Description

The PayPal Website Payments Standard functionality in the Ubercart module 5.x before 5.x-1.9 and 6.x before 6.x-2.1 for Drupal does not properly validate orders, which allows remote attackers to trigger unspecified "duplicate actions" via unknown vectors.

Affected (51)

Products: Ubercart: Ubercart
Ubercart
1 product
Ubercart
Configuration A
51 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Ubercart
Ubercart
Version 5.x-1.0
Ubercart
Version 5.x-1.0 alpha1
Ubercart
Version 5.x-1.0 alpha2
Ubercart
Version 5.x-1.0 alpha3
Ubercart
Version 5.x-1.0 alpha4
Ubercart
Version 5.x-1.0 alpha5
Ubercart
Version 5.x-1.0 alpha6
Ubercart
Version 5.x-1.0 alpha6b
Ubercart
Version 5.x-1.0 alpha6c
Ubercart
Version 5.x-1.0 alpha7
Ubercart
Version 5.x-1.0 alpha7b
Ubercart
Version 5.x-1.0 alpha7c
Ubercart
Version 5.x-1.0 alpha7d
Ubercart
Version 5.x-1.0 alpha7e
Ubercart
Version 5.x-1.0 alpha8
Ubercart
Version 5.x-1.0 beta1
Ubercart
Version 5.x-1.0 beta2
Ubercart
Version 5.x-1.0 beta3
Ubercart
Version 5.x-1.0 beta4
Ubercart
Version 5.x-1.0 beta5
Ubercart
Version 5.x-1.0 beta6
Ubercart
Version 5.x-1.0 beta7
Ubercart
Version 5.x-1.0 rc1
Ubercart
Version 5.x-1.0 rc2
Ubercart
Version 5.x-1.0 rc3
Ubercart
Version 5.x-1.0 rc4
Ubercart
Version 5.x-1.0 rc5
Ubercart
Version 5.x-1.1
Ubercart
Version 5.x-1.2
Ubercart
Version 5.x-1.3
Ubercart
Version 5.x-1.3 rc1
Ubercart
Version 5.x-1.4
Ubercart
Version 5.x-1.5
Ubercart
Version 5.x-1.6
Ubercart
Version 5.x-1.7
Ubercart
Version 5.x-1.8
Ubercart
Version 6.x-2.0
Ubercart
Version 6.x-2.0 beta1
Ubercart
Version 6.x-2.0 beta2
Ubercart
Version 6.x-2.0 beta3
Ubercart
Version 6.x-2.0 beta4
Ubercart
Version 6.x-2.0 beta5
Ubercart
Version 6.x-2.0 beta6
Ubercart
Version 6.x-2.0 dev
Ubercart
Version 6.x-2.0 rc1
Ubercart
Version 6.x-2.0 rc2
Ubercart
Version 6.x-2.0 rc3
Ubercart
Version 6.x-2.0 rc4
Ubercart
Version 6.x-2.0 rc5
Ubercart
Version 6.x-2.0 rc6
Ubercart
Version 6.x-2.0 rc7
Running on/withPlatform Versions
Drupal
Drupal
All versions

Related CWEs

CWE-20
Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (10)

Source: cve@mitre.org
PatchVendor Advisory
Source: cve@mitre.org
Source: cve@mitre.org
Vendor Advisory
Source: cve@mitre.org
Source: cve@mitre.org
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.