Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
paypal vulnerabilities and exploits
(subscribe to this query)
1000
VMScore
CVE-2007-2824
SQL injection vulnerability in paypal.php in AlstraSoft E-Friends 4.21 and previous versions allows remote malicious users to execute arbitrary SQL commands via the pack parameter in a paypal action for index.php.
Alstrasoft E-friends
1 EDB exploit
890
VMScore
CVE-2004-2247
Unknown vulnerability in the "admin of paypal email addresses" in AudienceConnect prior to 1.0.beta.21 has unknown impact and attack vectors.
Goosequill Audienceconnect 1.0.beta.20
760
VMScore
CVE-2005-0935
Multiple SQL injection vulnerabilities in ESMI PayPal Storefront allow remote malicious users to execute arbitrary SQL commands via the (1) idpages parameter to pages.php or the (2) id2 parameter to products1.php.
Esmi Paypal Storefront 1.7
2 EDB exploits
755
VMScore
CVE-2018-18800
The Tubigan "Welcome to our Resort" 1.0 software allows SQL Injection via index.php?p=accomodation&q=[SQL], index.php?p=rooms&q=[SQL], or admin/login.php.
Tubigan Welcome To Our Resort 1.0
1 EDB exploit
755
VMScore
CVE-2010-4846
SQL injection vulnerability in view_item.php in MH Products Pay Pal Shop Digital allows remote malicious users to execute arbitrary SQL commands via the ItemID parameter.
Mhproducts Pay Pal Shop Digital
1 EDB exploit
755
VMScore
CVE-2009-4689
SQL injection vulnerability in index.php in PHP Shopping Cart Selling Website Script allows remote malicious users to execute arbitrary SQL commands via the cid parameter.
Resalecode Php Shopping Cart Selling Website Script
1 EDB exploit
755
VMScore
CVE-2008-6535
admin/settings.php in PayPal eStores allows remote malicious users to bypass intended access restrictions and change the administrative password via a direct request with a modified NewAdmin parameter.
Paypalestores Paypal Estores -
1 EDB exploit
755
VMScore
CVE-2008-3594
SQL injection vulnerability in viewdetails.php in MagicScripts E-Store Kit-1, E-Store Kit-2, E-Store Kit-1 Pro PayPal Edition, and E-Store Kit-2 PayPal Edition allows remote malicious users to execute arbitrary SQL commands via the pid parameter.
Magicscripts E-store Kit-1
Magicscripts E-store Kit-2
1 EDB exploit
755
VMScore
CVE-2007-3119
SQL injection vulnerability in news.asp in Kartli Alisveris Sistemi (aka Free-PayPal-Shopping-Cart) 1.0 allows remote malicious users to execute arbitrary SQL commands via the news_id parameter.
Kartli Alisveris Sistemi Kartli Alisveris Sistemi 1.0
1 EDB exploit
685
VMScore
CVE-2006-3052
Cross-site scripting (XSS) vulnerability in Event Registration allows remote malicious users to inject arbitrary web script or HTML via the (1) event_id parameter to view-event-details.php or (2) select_events parameter to event-registration.php. NOTE: the provenance of this info...
Cescripts Event Registration 2checkout
Cescripts Event Registration Corporate
Cescripts Event Registration Paypal
Cescripts Event Registration Rsvp 1.0
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »