MidnightBSD

Advisories for payment_for_webform_project

CVE-2013-4594 MEDIUM

The Payment for Webform module 7.x-1.x before 7.x-1.5 for Drupal does not restrict access by anonymous users, which allows remote anonymous users to use the payment of other anonymous users when submitting a form that requires payment.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-287,

Products Affected

Vendor Product Version
payment_for_webform_project payment_for_webform 7.x-1.5
payment_for_webform_project payment_for_webform 7.x-1.0
payment_for_webform_project payment_for_webform 7.x-1.1
payment_for_webform_project payment_for_webform 7.x-1.4
payment_for_webform_project payment_for_webform 7.x-1.2
payment_for_webform_project payment_for_webform 7.x-1.3