Vulnerabilities (CVE)

Filtered by vendor Giantrobot Subscribe
Filtered by product Zipcart
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2012-1650 2 Drupal, Giantrobot 2 Drupal, Zipcart 2024-11-21 6.0 MEDIUM N/A
The ZipCart module 6.x before 6.x-1.4 for Drupal checks the "access content" permission instead of the "access ZipCart downloads" permission when building archives, which allows remote authenticated users with access content permission to bypass intended access restrictions.