CVSS2: 3.5 Low
Attack Vector: NETWORK
Attack Complexity: MEDIUM
Authentication: SINGLE
Confidentiality Impact: NONE
Integrity Impact: PARTIAL
Availability Impact: NONE
Vector: AV:N/AC:M/Au:S/C:N/I:P/A:N
EPSS: 0.003 Low (percentile 69.6%)
TomatoCart 1.1.7 with PayPal Express Checkout, and possibly other versions, contains a design flaw that may allow an attacker to purchase items for free or less than advertised.
It has been reported that TomatoCart 1.1.7 using the PayPal Express Checkout module in sandbox mode, and possibly other versions, suffers from a design flaw in how the store completes an order. The module appears to trust the redirection URL from PayPal back to TomatoCart; an attacker who manipulates that URL may be able to complete an order for free or at a reduced price.
An attacker may be able to purchase items for free or at a reduced price.
We are currently unaware of a practical solution to this problem. Please consider the following workaround.
Disable PayPal Express
TomatoCart users should disable the PayPal Express Checkout payment module until a patch is released.
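The advisory does not publish the exact fields involved, so the following is an added illustration, not TomatoCart's or PayPal's code: a return-URL handler in the trusting shape the description implies beside a hardened one that treats the redirect only as a hint and re-verifies token, payer and amount against the gateway and the store's own order record before shipping. The order table, the gateway stub standing in for GetExpressCheckoutDetails/DoExpressCheckoutPayment, the URLs and the function names are all constructed assumptions.

```python
from dataclasses import dataclass
from decimal import Decimal
from urllib.parse import parse_qs, urlsplit

# Constructed server-side order table: order id -> advertised total.
# A real store reads this from its database or session, never from the URL.
ORDERS = {"1001": Decimal("49.99")}


@dataclass
class GatewayStub:
    """Stand-in for PayPal's GetExpressCheckoutDetails / DoExpressCheckoutPayment
    calls (assumption: the real calls are made server-side with the merchant's
    API credentials). issued maps token -> (payer id, amount actually authorised)."""
    issued: dict

    def get_details(self, token):
        return self.issued.get(token)

    def do_payment(self, token, payer_id, amount):
        rec = self.issued.get(token)
        return rec is not None and rec == (payer_id, amount)


# Constructed sandbox state: EC-1 was authorised for the full price of order
# 1001; EC-2 is a token the attacker obtained by starting a 0.01 checkout.
GATEWAY = GatewayStub({
    "EC-1": ("P1", Decimal("49.99")),
    "EC-2": ("P1", Decimal("0.01")),
})


def _query(return_url):
    return {k: v[0] for k, v in parse_qs(urlsplit(return_url).query).items()}


def complete_order_trusting_redirect(return_url):
    """Weak pattern: whatever the browser brings back on the redirect is
    treated as the settled payment. The customer's browser carries the URL,
    so amount and status are attacker-controlled."""
    q = _query(return_url)
    paid = Decimal(q.get("amt", "0"))
    ok = q.get("status") == "success"
    return {"order": q.get("order"), "paid": paid, "fulfilled": ok}


def complete_order_verified(return_url, gateway):
    """Hardened pattern: the redirect only says which order, token and PayerID
    to look at. Amount and outcome come from the gateway and the store's own
    order record, and the order is fulfilled only after the capture succeeds."""
    q = _query(return_url)
    order_id, token, payer_id = q.get("order"), q.get("token"), q.get("PayerID")
    expected = ORDERS.get(order_id)
    if expected is None or token is None or payer_id is None:
        return {"order": order_id, "fulfilled": False, "reason": "bad request"}
    details = gateway.get_details(token)
    if details is None or details[0] != payer_id:
        return {"order": order_id, "fulfilled": False, "reason": "unknown token"}
    if details[1] != expected:  # token was authorised for some other amount
        return {"order": order_id, "fulfilled": False, "reason": "amount mismatch"}
    if not gateway.do_payment(token, payer_id, expected):
        return {"order": order_id, "fulfilled": False, "reason": "capture failed"}
    return {"order": order_id, "paid": expected, "fulfilled": True}


def demo():
    """Three constructed return URLs: one tampered to claim a free order, one
    genuine, one reusing a cheap checkout's token against an expensive order."""
    base = "https://shop.example/checkout/paypal_return?"
    tampered = base + "order=1001&amt=0.00&status=success&token=EC-FAKE&PayerID=P1"
    genuine = base + "order=1001&token=EC-1&PayerID=P1"
    swapped = base + "order=1001&token=EC-2&PayerID=P1"
    return {
        "weak_tampered": complete_order_trusting_redirect(tampered),
        "verified_tampered": complete_order_verified(tampered, GATEWAY),
        "verified_genuine": complete_order_verified(genuine, GATEWAY),
        "verified_swapped": complete_order_verified(swapped, GATEWAY),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name:18} {result}")
```

The weak handler fulfils the tampered order at 0.00; the verified handler rejects the forged token, rejects the 0.01 token presented for the 49.99 order, and fulfils only the genuine one at the server-side price. The same verification calls must be made against whichever PayPal endpoint the store is actually configured for (sandbox or live), since a token issued by one is meaningless to the other.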
VU#207540
Vendor status: Affected
Notified: October 15, 2012
Updated: October 29, 2012
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Group | Score | Vector |
---|---|---|
Base | 6.8 | AV:N/AC:L/Au:S/C:N/I:C/A:N |
Temporal | 5.5 | E:POC/RL:U/RC:UC |
Environmental | 5.5 | CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND |
Thanks to Giancarlo Pellegrino for reporting this vulnerability.
This document was written by Jared Allar.
CVE IDs: CVE-2012-4934
Date Public: 2012-10-08
Date First Published: