CVE-2012-2116: CVE-2012-2116

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2012-2116

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

Cross-site request forgery (CSRF) vulnerability in the Commerce Reorder module before 7.x-1.1 for Drupal allows remote attackers to hijack the authentication of arbitrary users for requests that add items to the shopping cart.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Drupal ‘Commerce Reorder’ 跨站请求伪造漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Drupal是Drupal社区所维护的一套用PHP语言开发的免费、开源的内容管理系统。 Drupal的Commerce Reorder模块中存在跨站请求伪造漏洞，该漏洞源于此模块允许用户借助HTTP请求，且在没有对这些请求执行正确有效性检查的情况下，执行某些操作。攻击者可利用该漏洞导致例如：当登录用户浏览特制页面时，重订购一个已购买过的产品的错误。此漏洞存在于7.x-1.1之前版本中。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2012-2116

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2012-2116

Please Login to view more intelligence information

http://drupal.org/node/1538198x_refsource_CONFIRM
http://secunia.com/advisories/48912third-party-advisoryx_refsource_SECUNIA
http://www.openwall.com/lists/oss-security/2012/04/18/11mailing-listx_refsource_MLIST
http://www.openwall.com/lists/oss-security/2012/04/19/1mailing-listx_refsource_MLIST
https://nvd.nist.gov/vuln/detail/CVE-2012-2116

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2012-2116

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

I. Basic Information for CVE-2012-2116

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2012-2116

III. Intelligence Information for CVE-2012-2116

IV. Related Vulnerabilities

V. Comments for CVE-2012-2116

Leave a comment