Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
paypal vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-4689
SQL injection vulnerability in index.php in PHP Shopping Cart Selling Website Script allows remote malicious users to execute arbitrary SQL commands via the cid parameter.
Resalecode Php Shopping Cart Selling Website Script
1 EDB exploit
NA
CVE-2009-4688
Multiple cross-site scripting (XSS) vulnerabilities in index.php in PHP Shopping Cart Selling Website Script allow remote malicious users to inject arbitrary web script or HTML via the (1) txtkeywords and (2) cid parameters.
Resalecode Php Shopping Cart Selling Website Script
1 EDB exploit
NA
CVE-2013-0118
CS-Cart prior to 3.0.6, when PayPal Standard Payments is configured, allows remote malicious users to set the payment recipient via a modified value of the merchant's e-mail address, as demonstrated by setting the recipient to one's self.
Cs-cart Cs-cart 3.0.2
Cs-cart Cs-cart 3.0
Cs-cart Cs-cart 3.0.3
Cs-cart Cs-cart 3.0.4
Cs-cart Cs-cart
NA
CVE-2008-3594
SQL injection vulnerability in viewdetails.php in MagicScripts E-Store Kit-1, E-Store Kit-2, E-Store Kit-1 Pro PayPal Edition, and E-Store Kit-2 PayPal Edition allows remote malicious users to execute arbitrary SQL commands via the pid parameter.
Magicscripts E-store Kit-1
Magicscripts E-store Kit-2
1 EDB exploit
5.4
CVSSv3
CVE-2021-40577
A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Online Enrollment Management System in PHP and PayPal Free Source Code 1.0 in the Add-Users page via the Name parameter.
Online Enrollment Management System Project Online Enrollment Management System 1.0
7.5
CVSSv3
CVE-2023-23941
SwagPayPal is a PayPal integration for shopware/platform. If JavaScript-based PayPal checkout methods are used (PayPal Plus, Smart Payment Buttons, SEPA, Pay Later, Venmo, Credit card), the amount and item list sent to PayPal may not be identical to the one in the created order. ...
Shopware Swagpaypal
NA
CVE-2023-27460
Missing Authorization vulnerability in CodePeople, paypaldev CP Contact Form with Paypal allows Functionality Misuse.This issue affects CP Contact Form with Paypal: from n/a up to and including 1.3.34.
NA
CVE-2023-51683
Cross-Site Request Forgery (CSRF) vulnerability in Scott Paterson Easy PayPal & Stripe Buy Now Button.This issue affects Easy PayPal & Stripe Buy Now Button: from n/a up to and including 1.8.1.
NA
CVE-2024-35676
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in wpecommerce Recurring PayPal Donations allows Stored XSS.This issue affects Recurring PayPal Donations: from n/a up to and including 1.7.
NA
CVE-2024-30527
Improper Validation of Specified Quantity in Input vulnerability in Tips and Tricks HQ WP Express Checkout (Accept PayPal Payments) allows Manipulating Hidden Fields.This issue affects WP Express Checkout (Accept PayPal Payments): from n/a up to and including 2.3.7.
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »