Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ebay vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-5611
The eBay Kleinanzeigen for Germany (aka com.ebay.kleinanzeigen) application 5.0.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle malicious users to spoof servers and obtain sensitive information via a crafted certificate.
Ebay-kleinanzeigen Ebay Kleinanzeigen For Germany 5.0.2
NA
CVE-2010-4211
The PayPal app prior to 3.0.1 for iOS does not verify that the server hostname matches the domain name of the subject of an X.509 certificate, which allows man-in-the-middle malicious users to spoof a PayPal web server via an arbitrary certificate.
Ebay Paypal
7.8
CVSSv3
CVE-2023-26107
All versions of the package sketchsvg are vulnerable to Arbitrary Code Injection when invoking shell.exec without sanitization nor parametrization while concatenating the current directory as part of the command string.
Ebay Sketchsvg -
9.8
CVSSv3
CVE-2017-17573
FS Ebay Clone 1.0 has SQL Injection via the product.php id parameter, or the search.php category_id or sub_category_id parameter.
Fortunescripts Ebay Clone 1.0
1 EDB exploit
NA
CVE-2009-3712
Multiple SQL injection vulnerabilities in Ebay Clone 2009 allow remote malicious users to execute arbitrary SQL commands via the (1) user_id parameter to feedback.php; and the item_id parameter to (2) view_full_size.php, (3) classifide_ad.php, and (4) crosspromoteitems.php.
Ebayclonescript Ebay Clone 2009
1 EDB exploit
NA
CVE-2009-2894
Multiple SQL injection vulnerabilities in Ebay Clone 2009 allow remote malicious users to execute arbitrary SQL commands via the (1) id parameter to product_desc.php, and the cid parameter to (2) showcategory.php and (3) gallery.php.
Clone2009 Ebay Clone 2009
1 EDB exploit
NA
CVE-2012-5801
The PayPal module in PrestaShop does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle malicious users to spoof SSL servers via an arbitrary valid certi...
Prestashop Ebay -
Prestashop Prestashop -
NA
CVE-2009-2423
SQL injection vulnerability in category.php in Ebay Clone 2009 allows remote malicious users to execute arbitrary SQL commands via the cate_id parameter in a list action.
Ebayclonescript Ebay Clone 2009
1 EDB exploit
NA
CVE-2006-1176
Buffer overflow in eBay Enhanced Picture Services (aka EPUImageControl Class) in EUPWALcontrol.dll prior to 1.0.3.48, as used in Sell Your Item (SYI), Setup & Test eBay Enhanced Picture Services, Picture Manager Enhanced Uploader, and CARad.com Add Vehicle, allows remote mali...
Ebay Enhanced Picture Services
NA
CVE-2009-2424
Cross-site scripting (XSS) vulnerability in search.php in Ebay Clone 2009 allows remote malicious users to inject arbitrary web script or HTML via the mode parameter.
Clone2009 Ebay Clone 2009
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-35977
CVE-2023-49335
man-in-the-middle
CVE-2024-4947
CVE-2024-31714
memory leak
SQL
CVE-2024-35994
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »