Dave Nielsen and Patrick Breitenbach PayPal Web Services (aka PHP Toolkit) 0.50, and possibly earlier versions, allows remote malicious users to enter false payment entries into the log file via HTTP POST requests to ipn_success.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
paypal php toolkit |