CVE-2012-3802

Опубликовано: 27 июн. 2012

Источник: nvd

CVSS2: 4

EPSS Низкий

Описание

Unspecified vulnerability in the Post Affiliate Pro (PAP) module for Drupal allows remote authenticated users to read the commissions of other users via unknown attack vectors.

Ссылки

http://drupal.org/node/1585648
Patch
Vendor Advisory
http://www.openwall.com/lists/oss-security/2012/06/14/3
http://www.securityfocus.com/bid/53589
https://exchange.xforce.ibmcloud.com/vulnerabilities/75716
http://drupal.org/node/1585648
Patch
Vendor Advisory
http://www.openwall.com/lists/oss-security/2012/06/14/3
http://www.securityfocus.com/bid/53589
https://exchange.xforce.ibmcloud.com/vulnerabilities/75716

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:a:peter_pokrivcak:post_affiliate_pro:-:*:*:*:*:*:*:*

cpe:2.3:a:drupal:drupal:-:*:*:*:*:*:*:*

EPSS

Процентиль: 55%

0.00322

Низкий

4 Medium

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

GHSA-gjj3-5cjq-r87r

github

около 3 лет назад