Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
paypal vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2015-5065
Absolute path traversal vulnerability in proxy.php in the google currency lookup in the Paypal Currency Converter Basic For WooCommerce plugin prior to 1.4 for WordPress allows remote malicious users to read arbitrary files via a full pathname in the requrl parameter.
Intelligent-it Paypal Currency Converter Basic For Woocommerce
1 EDB exploit
4.3
CVSSv2
CVE-2021-23648
The package @braintree/sanitize-url prior to 6.0.0 are vulnerable to Cross-site Scripting (XSS) due to improper sanitization in sanitizeUrl function.
Paypal Braintree\\/sanitize-url
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
NA
CVE-2023-2406
The Event Registration Calendar By vcita plugin, versions up to and including 3.9.1, and Online Payments – Get Paid with PayPal, Square & Stripe plugin, for WordPress are vulnerable to Stored Cross-Site Scripting via the 'email' parameter in versions up to, an...
Vcita Event Registration Calendar By Vcita
Vcita Online Payments - Get Paid With Paypal\\, Square \\& Stripe
NA
CVE-2023-2407
The Event Registration Calendar By vcita plugin, versions up to and including 3.9.1, and Online Payments – Get Paid with PayPal, Square & Stripe plugin, for WordPress are vulnerable to Cross-Site Request Forgery. This is due to missing nonce validation in the ls_parse_v...
Vcita Event Registration Calendar By Vcita
Vcita Online Payments - Get Paid With Paypal\\, Square \\& Stripe
6.8
CVSSv2
CVE-2006-3052
Cross-site scripting (XSS) vulnerability in Event Registration allows remote malicious users to inject arbitrary web script or HTML via the (1) event_id parameter to view-event-details.php or (2) select_events parameter to event-registration.php. NOTE: the provenance of this info...
Cescripts Event Registration 2checkout
Cescripts Event Registration Corporate
Cescripts Event Registration Paypal
Cescripts Event Registration Rsvp 1.0
1 EDB exploit
5
CVSSv2
CVE-2012-2991
The PayPal (aka MODULE_PAYMENT_PAYPAL_STANDARD) module prior to 1.1 in osCommerce Online Merchant prior to 2.3.4 allows remote malicious users to set the payment recipient via a modified value of the merchant's e-mail address, as demonstrated by setting the recipient to one&...
Oscommerce Online Merchant 2.3.2
Oscommerce Online Merchant
Oscommerce Online Merchant 2.3.0
Oscommerce Online Merchant 2.3.1
Paypal Website Payments Standard Module
3.5
CVSSv2
CVE-2007-5621
Multiple cross-site scripting (XSS) vulnerabilities in the Token module prior to 4.7.x-1.5, and 5.x prior to 5.x-1.9, for Drupal; as used by the ASIN Field, e-Commerce, Fullname field for CCK, Invite, Node Relativity, Pathauto, PayPal Node, and Ubercart modules; allow remote auth...
Drupal Drupal 5.2
Drupal E-commerce Module
Drupal Token Module
Drupal Asin Field Module
Drupal Drupal 4.7
Drupal Node Relativity Module
Drupal Pathauto Module
Drupal Drupal 5.0
Drupal Drupal 5.1
Drupal Paypal Node Module
Drupal Ubercart Module
Drupal Fullname Field For Cck
Drupal Invite Module
7.5
CVSSv2
CVE-2010-4846
SQL injection vulnerability in view_item.php in MH Products Pay Pal Shop Digital allows remote malicious users to execute arbitrary SQL commands via the ItemID parameter.
Mhproducts Pay Pal Shop Digital
1 EDB exploit
7.5
CVSSv2
CVE-2018-18800
The Tubigan "Welcome to our Resort" 1.0 software allows SQL Injection via index.php?p=accomodation&q=[SQL], index.php?p=rooms&q=[SQL], or admin/login.php.
Tubigan Welcome To Our Resort 1.0
1 EDB exploit
7.5
CVSSv2
CVE-2009-4689
SQL injection vulnerability in index.php in PHP Shopping Cart Selling Website Script allows remote malicious users to execute arbitrary SQL commands via the cid parameter.
Resalecode Php Shopping Cart Selling Website Script
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
firmware
CVE-2023-52866
CVE-2024-4367
CVE-2024-1721
CVE-2023-34992
XML injection
CVE-2023-52817
SQL
CVE-2023-52855
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »