CVE-2012-2731
 
Severity Score
2.6
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
1
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
The Ubercart AJAX Cart 6.x-2.x before 6.x-2.1 for Drupal stores the PHP session id in the JavaScript settings array in page loads, which might allow remote attackers to obtain sensitive information by sniffing or reading the cache of the HTML of a webpage.
Ubercart AJAX Cart v6.x-2.x anterior a v6.x-2.1 para Drupal almacena la id de la sesión en la tabla de configuración de páginas cargadas, lo que podría permitir a atacantes remotos obtener información sensible espiando o leyendo la caché del HTML de una página Web.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2012-05-14 CVE Reserved
- 2012-06-27 CVE Published
- 2023-03-14 EPSS Updated
- 2024-08-06 CVE Updated
- 2024-08-06 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CAPEC
References (6)
URL | Tag | Source |
---|---|---|
http://www.openwall.com/lists/oss-security/2012/06/14/3 | Mailing List | |
http://www.securityfocus.com/bid/53999 | Vdb Entry | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/76332 | Vdb Entry |
URL | Date | SRC |
---|---|---|
http://drupalcode.org/project/uc_ajax_cart.git/commitdiff/b59cdd5 | 2024-08-06 |
URL | Date | SRC |
---|---|---|
http://drupal.org/node/1619586 | 2017-08-29 | |
http://drupal.org/node/1633048 | 2017-08-29 |
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Richardo Ante Search vendor "Richardo Ante" | Ubercart Ajax Cart Search vendor "Richardo Ante" for product "Ubercart Ajax Cart" | 6.x-2.0 Search vendor "Richardo Ante" for product "Ubercart Ajax Cart" and version "6.x-2.0" | - |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | - | - |
Safe
|
Richardo Ante Search vendor "Richardo Ante" | Ubercart Ajax Cart Search vendor "Richardo Ante" for product "Ubercart Ajax Cart" | 6.x-2.0 Search vendor "Richardo Ante" for product "Ubercart Ajax Cart" and version "6.x-2.0" | alpha6 |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | - | - |
Safe
|
Richardo Ante Search vendor "Richardo Ante" | Ubercart Ajax Cart Search vendor "Richardo Ante" for product "Ubercart Ajax Cart" | 6.x-2.0 Search vendor "Richardo Ante" for product "Ubercart Ajax Cart" and version "6.x-2.0" | alpha7 |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | - | - |
Safe
|
Richardo Ante Search vendor "Richardo Ante" | Ubercart Ajax Cart Search vendor "Richardo Ante" for product "Ubercart Ajax Cart" | 6.x-2.0 Search vendor "Richardo Ante" for product "Ubercart Ajax Cart" and version "6.x-2.0" | alpha8 |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | - | - |
Safe
|
Richardo Ante Search vendor "Richardo Ante" | Ubercart Ajax Cart Search vendor "Richardo Ante" for product "Ubercart Ajax Cart" | 6.x-2.0 Search vendor "Richardo Ante" for product "Ubercart Ajax Cart" and version "6.x-2.0" | beta1 |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | - | - |
Safe
|
Richardo Ante Search vendor "Richardo Ante" | Ubercart Ajax Cart Search vendor "Richardo Ante" for product "Ubercart Ajax Cart" | 6.x-2.0 Search vendor "Richardo Ante" for product "Ubercart Ajax Cart" and version "6.x-2.0" | beta10 |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | - | - |
Safe
|
Richardo Ante Search vendor "Richardo Ante" | Ubercart Ajax Cart Search vendor "Richardo Ante" for product "Ubercart Ajax Cart" | 6.x-2.0 Search vendor "Richardo Ante" for product "Ubercart Ajax Cart" and version "6.x-2.0" | beta11 |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | - | - |
Safe
|
Richardo Ante Search vendor "Richardo Ante" | Ubercart Ajax Cart Search vendor "Richardo Ante" for product "Ubercart Ajax Cart" | 6.x-2.0 Search vendor "Richardo Ante" for product "Ubercart Ajax Cart" and version "6.x-2.0" | beta2 |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | - | - |
Safe
|
Richardo Ante Search vendor "Richardo Ante" | Ubercart Ajax Cart Search vendor "Richardo Ante" for product "Ubercart Ajax Cart" | 6.x-2.0 Search vendor "Richardo Ante" for product "Ubercart Ajax Cart" and version "6.x-2.0" | beta3 |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | - | - |
Safe
|
Richardo Ante Search vendor "Richardo Ante" | Ubercart Ajax Cart Search vendor "Richardo Ante" for product "Ubercart Ajax Cart" | 6.x-2.0 Search vendor "Richardo Ante" for product "Ubercart Ajax Cart" and version "6.x-2.0" | beta4 |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | - | - |
Safe
|
Richardo Ante Search vendor "Richardo Ante" | Ubercart Ajax Cart Search vendor "Richardo Ante" for product "Ubercart Ajax Cart" | 6.x-2.0 Search vendor "Richardo Ante" for product "Ubercart Ajax Cart" and version "6.x-2.0" | beta5 |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | - | - |
Safe
|
Richardo Ante Search vendor "Richardo Ante" | Ubercart Ajax Cart Search vendor "Richardo Ante" for product "Ubercart Ajax Cart" | 6.x-2.0 Search vendor "Richardo Ante" for product "Ubercart Ajax Cart" and version "6.x-2.0" | beta6 |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | - | - |
Safe
|
Richardo Ante Search vendor "Richardo Ante" | Ubercart Ajax Cart Search vendor "Richardo Ante" for product "Ubercart Ajax Cart" | 6.x-2.0 Search vendor "Richardo Ante" for product "Ubercart Ajax Cart" and version "6.x-2.0" | beta7 |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | - | - |
Safe
|
Richardo Ante Search vendor "Richardo Ante" | Ubercart Ajax Cart Search vendor "Richardo Ante" for product "Ubercart Ajax Cart" | 6.x-2.0 Search vendor "Richardo Ante" for product "Ubercart Ajax Cart" and version "6.x-2.0" | beta8 |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | - | - |
Safe
|
Richardo Ante Search vendor "Richardo Ante" | Ubercart Ajax Cart Search vendor "Richardo Ante" for product "Ubercart Ajax Cart" | 6.x-2.0 Search vendor "Richardo Ante" for product "Ubercart Ajax Cart" and version "6.x-2.0" | beta9 |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | - | - |
Safe
|
Richardo Ante Search vendor "Richardo Ante" | Ubercart Ajax Cart Search vendor "Richardo Ante" for product "Ubercart Ajax Cart" | 6.x-2.0 Search vendor "Richardo Ante" for product "Ubercart Ajax Cart" and version "6.x-2.0" | rc1 |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | - | - |
Safe
|
Richardo Ante Search vendor "Richardo Ante" | Ubercart Ajax Cart Search vendor "Richardo Ante" for product "Ubercart Ajax Cart" | 6.x-2.0 Search vendor "Richardo Ante" for product "Ubercart Ajax Cart" and version "6.x-2.0" | rc2 |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | - | - |
Safe
|
Richardo Ante Search vendor "Richardo Ante" | Ubercart Ajax Cart Search vendor "Richardo Ante" for product "Ubercart Ajax Cart" | 6.x-2.0 Search vendor "Richardo Ante" for product "Ubercart Ajax Cart" and version "6.x-2.0" | rc3 |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | - | - |
Safe
|
Richardo Ante Search vendor "Richardo Ante" | Ubercart Ajax Cart Search vendor "Richardo Ante" for product "Ubercart Ajax Cart" | 6.x-2.0 Search vendor "Richardo Ante" for product "Ubercart Ajax Cart" and version "6.x-2.0" | rc4 |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | - | - |
Safe
|