Contact Us
SECURITY BLOG SECURITY DASHBOARD PARTNERS PRODUCTS JOBS SERVICES COMPANY HOME
Network Security Consulting Advisories Article

Drupal ZipCart Module Access Security Bypass Vulnerability

http://www.securityfocus.com/bid/52231

Security Info

Bugtraq ID: 52231
Class: Access Validation Error
CVE:
Remote: Yes
Local: No
Published: Feb 29 2012 12:00AM
Updated: Feb 29 2012 12:00AM
Credit: Chris Burgess
Vulnerable: Drupal ZipCart 6.X-1.3
Not Vulnerable: Drupal ZipCart 6.X-1.4

Security Discussion

The ZipCart module for Drupal is prone to a security-bypass vulnerability.

An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions; this may aid in launching further attacks.

ZipCart 6.x versions prior to 6.x-1.4 are vulnerable.

Proof of Concept and Security Exploits

Attackers can exploit this issue through a browser.

Security Solution(s)

Solution:
Updates are available; please see the references for more information.

Security References(s)

References:

Contact Us

Security Penetration Testing

Security Questions

Security Dashboard

Emagined Security Blog featuring Dr. Eugene Schultz
Site Updated April 19, 2014
©2000-2014 Emagined Security
All Rights Reserved

Secure Web Programming
by Vizual Services