Unrated severityNVD Advisory· Published Aug 28, 2012· Updated Jun 16, 2026
CVE-2012-1650
CVE-2012-1650
Description
The ZipCart module 6.x before 6.x-1.4 for Drupal checks the "access content" permission instead of the "access ZipCart downloads" permission when building archives, which allows remote authenticated users with access content permission to bypass intended access restrictions.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4cpe:2.3:a:giantrobot:zipcart:6.x-1.2:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:a:giantrobot:zipcart:6.x-1.2:*:*:*:*:*:*:*
- cpe:2.3:a:giantrobot:zipcart:6.x-1.3:*:*:*:*:*:*:*
- cpe:2.3:a:giantrobot:zipcart:6.x-1.x:dev:*:*:*:*:*:*
- (no CPE)range: <6.x-1.4
Patches
Vulnerability mechanics
References
7News mentions
0No linked articles in our index yet.