1 results (0.003 seconds)
CVSS: 4.3EPSS: 0%CPEs: 6EXPL: 0
CVE-2013-4594
https://notcve.org/view.php?id=CVE-2013-4594
The Payment for Webform module 7.x-1.x before 7.x-1.5 for Drupal does not restrict access by anonymous users, which allows remote anonymous users to use the payment of other anonymous users when submitting a form that requires payment. El módulo Payment for Webform 7.x-1.x anterior a 7.x-1.5 para Drupal no restringe el acceso por usuarios anónimos, lo que permite a usuarios remotos anónimos utilizar el pago de otros usuarios anónimos cuando presentan un formulario que requiere pago. • http://seclists.org/oss-sec/2013/q4/317 http://secunia.com/advisories/55431 https://drupal.org/node/2128345 https://drupal.org/node/2129373 • CWE-287: Improper Authentication •