CVSS: 5.4EPSS: 0%CPEs: 2EXPL: 0CVE-2008-1978
https://notcve.org/view.php?id=CVE-2008-1978
27 Apr 2008 — Cross-site scripting (XSS) vulnerability in the Ubercart 5.x before 5.x-1.0 rc3 module for Drupal allows remote authenticated users to inject arbitrary web script or HTML via node titles related to unspecified product features, a different vector than CVE-2008-1428. Vulnerabilidad de secuencias de órdenes en sitios cruzados (XSS) en el módulo Ubercart 5.x anteriores a 5.x-1.0 rc3 de Drupal permite a usuarios remotos autenticados inyectar 'script' web o HTML de su elección mediante títulos de nodos relaciona... • http://drupal.org/node/250343 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2008-1916
https://notcve.org/view.php?id=CVE-2008-1916
22 Apr 2008 — Multiple cross-site scripting (XSS) vulnerabilities in the Ubercart 5.x before 5.x-1.0-rc1 module for Drupal allow remote attackers to inject arbitrary web script or HTML via text fields intended for the (1) address and (2) order information, which are later displayed on the order view page and unspecified other administrative pages, a different vulnerability than CVE-2008-1428. Múltiples vulnerabilidades de secuencias de comandos en sitios cruzados (XSS), vulnerabilidades en Ubercart 5.x anteteriores a 5.x... • http://drupal.org/node/241944 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2008-1428
https://notcve.org/view.php?id=CVE-2008-1428
20 Mar 2008 — Multiple cross-site scripting (XSS) vulnerabilities in the Ubercart 5.x before 5.x-1.0-beta7 module for Drupal allow remote attackers to inject arbitrary web script or HTML via a text attribute value for a product. Múltiples vulnerabilidades de secuencias de comandos en sitios cruzados (XSS) en el módulo Ubercart versiones 5.x anteriores a 5.x-1.0-beta7 para Drupal permite a atacantes remotos inyectar secuencias de comandos web o HTML de su elección utilizando un valor de atributo de texto para un producto. • http://drupal.org/node/233492 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •