Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
paypal vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2007-2824
SQL injection vulnerability in paypal.php in AlstraSoft E-Friends 4.21 and previous versions allows remote malicious users to execute arbitrary SQL commands via the pack parameter in a paypal action for index.php.
Alstrasoft E-friends
1 EDB exploit
10
CVSSv2
CVE-2004-2247
Unknown vulnerability in the "admin of paypal email addresses" in AudienceConnect prior to 1.0.beta.21 has unknown impact and attack vectors.
Goosequill Audienceconnect 1.0.beta.20
7.5
CVSSv2
CVE-2020-14092
The CodePeople Payment Form for PayPal Pro plugin prior to 1.1.65 for WordPress allows SQL Injection.
Ithemes Paypal Pro
7.5
CVSSv2
CVE-2018-18800
The Tubigan "Welcome to our Resort" 1.0 software allows SQL Injection via index.php?p=accomodation&q=[SQL], index.php?p=rooms&q=[SQL], or admin/login.php.
Tubigan Welcome To Our Resort 1.0
1 EDB exploit
7.5
CVSSv2
CVE-2010-4846
SQL injection vulnerability in view_item.php in MH Products Pay Pal Shop Digital allows remote malicious users to execute arbitrary SQL commands via the ItemID parameter.
Mhproducts Pay Pal Shop Digital
1 EDB exploit
7.5
CVSSv2
CVE-2009-4689
SQL injection vulnerability in index.php in PHP Shopping Cart Selling Website Script allows remote malicious users to execute arbitrary SQL commands via the cid parameter.
Resalecode Php Shopping Cart Selling Website Script
1 EDB exploit
7.5
CVSSv2
CVE-2008-6535
admin/settings.php in PayPal eStores allows remote malicious users to bypass intended access restrictions and change the administrative password via a direct request with a modified NewAdmin parameter.
Paypalestores Paypal Estores -
1 EDB exploit
7.5
CVSSv2
CVE-2008-3594
SQL injection vulnerability in viewdetails.php in MagicScripts E-Store Kit-1, E-Store Kit-2, E-Store Kit-1 Pro PayPal Edition, and E-Store Kit-2 PayPal Edition allows remote malicious users to execute arbitrary SQL commands via the pid parameter.
Magicscripts E-store Kit-1
Magicscripts E-store Kit-2
1 EDB exploit
7.5
CVSSv2
CVE-2007-3119
SQL injection vulnerability in news.asp in Kartli Alisveris Sistemi (aka Free-PayPal-Shopping-Cart) 1.0 allows remote malicious users to execute arbitrary SQL commands via the news_id parameter.
Kartli Alisveris Sistemi Kartli Alisveris Sistemi 1.0
1 EDB exploit
7.5
CVSSv2
CVE-2007-0403
SQL injection vulnerability in admin/memberlist.php in Easebay Resources Paypal Subscription Manager allows remote malicious users to execute arbitrary SQL commands via the keyword parameter.
Easebay Resources Paypal Subscription Manager
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »