Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
paypal vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2009-4689
SQL injection vulnerability in index.php in PHP Shopping Cart Selling Website Script allows remote malicious users to execute arbitrary SQL commands via the cid parameter.
Resalecode Php Shopping Cart Selling Website Script
1 EDB exploit
5
CVSSv2
CVE-2013-0118
CS-Cart prior to 3.0.6, when PayPal Standard Payments is configured, allows remote malicious users to set the payment recipient via a modified value of the merchant's e-mail address, as demonstrated by setting the recipient to one's self.
Cs-cart Cs-cart 3.0.2
Cs-cart Cs-cart 3.0
Cs-cart Cs-cart 3.0.3
Cs-cart Cs-cart 3.0.4
Cs-cart Cs-cart
4.3
CVSSv2
CVE-2009-4688
Multiple cross-site scripting (XSS) vulnerabilities in index.php in PHP Shopping Cart Selling Website Script allow remote malicious users to inject arbitrary web script or HTML via the (1) txtkeywords and (2) cid parameters.
Resalecode Php Shopping Cart Selling Website Script
1 EDB exploit
7.5
CVSSv2
CVE-2008-3594
SQL injection vulnerability in viewdetails.php in MagicScripts E-Store Kit-1, E-Store Kit-2, E-Store Kit-1 Pro PayPal Edition, and E-Store Kit-2 PayPal Edition allows remote malicious users to execute arbitrary SQL commands via the pid parameter.
Magicscripts E-store Kit-1
Magicscripts E-store Kit-2
1 EDB exploit
3.5
CVSSv2
CVE-2021-40577
A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Online Enrollment Management System in PHP and PayPal Free Source Code 1.0 in the Add-Users page via the Name parameter.
Online Enrollment Management System Project Online Enrollment Management System 1.0
NA
CVE-2023-23941
SwagPayPal is a PayPal integration for shopware/platform. If JavaScript-based PayPal checkout methods are used (PayPal Plus, Smart Payment Buttons, SEPA, Pay Later, Venmo, Credit card), the amount and item list sent to PayPal may not be identical to the one in the created order. ...
Shopware Swagpaypal
NA
CVE-2023-51683
Cross-Site Request Forgery (CSRF) vulnerability in Scott Paterson Easy PayPal & Stripe Buy Now Button.This issue affects Easy PayPal & Stripe Buy Now Button: from n/a up to and including 1.8.1.
NA
CVE-2024-30527
Improper Validation of Specified Quantity in Input vulnerability in Tips and Tricks HQ WP Express Checkout (Accept PayPal Payments) allows Manipulating Hidden Fields.This issue affects WP Express Checkout (Accept PayPal Payments): from n/a up to and including 2.3.7.
NA
CVE-2024-29130
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Scott Paterson Contact Form 7 – PayPal & Stripe Add-on allows Reflected XSS.This issue affects Contact Form 7 – PayPal & Stripe Add-on: from n/a up ...
NA
CVE-2022-36284
Authenticated IDOR vulnerability in StoreApps Affiliate For WooCommerce premium plugin <= 4.7.0 at WordPress allows an malicious user to change the PayPal email. WooCommerce PayPal Payments plugin (free) should be at least installed to get the extra input field on the user pro...
Storeapps Affiliate For Woocommerce
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »