CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

49 matches found

Github Security Blog•added 2022/05/24 5:9 p.m.•29 views

CardGate Payments plugin for WooCommerce does not validate request origin

An issue was discovered in the CardGate Payments plugin through 3.1.15 for WooCommerce. Lack of origin authentication in the IPN callback processing function in cardgate/cardgate.php allows an attacker to remotely replace critical plugin settings merchant ID, secret key, etc. and therefore bypass...

8.1CVSS7.1AI score0.04541EPSS

Exploits6References8Affected Software1

OSV•added 2022/05/24 5:9 p.m.•27 views

GHSA-5PQ5-9PHV-Q5J3 CardGate Payments plugin for WooCommerce does not validate request origin

8.1CVSS8AI score0.04541EPSS

Exploits6References8

Github Security Blog•added 2021/10/12 4:30 p.m.•33 views

Origin Validation Error in Magento 2

An issue was discovered in the CardGate Payments plugin through 2.0.30 for Magento 2. Lack of origin authentication in the IPN callback processing function in Controller/Payment/Callback.php allows an attacker to remotely replace critical plugin settings merchant ID, secret key, etc. and therefor...

8.1CVSS8AI score0.0417EPSS

Exploits5References6Affected Software1

OSV•added 2021/10/12 4:30 p.m.•28 views

GHSA-QF6Q-QFWP-VP44 Origin Validation Error in Magento 2

8.1CVSS8AI score0.0417EPSS

Exploits5References6

CNVD•added 2020/02/28 12:0 a.m.•4 views

WordPress WooCommerce CardGate Payment6 Gateway Authentication Bypass Vulnerability

WordPress WooCommerce is a flexible open source e-commerce solution built on WordPress. An authentication bypass vulnerability exists in WordPress WooCommerce CardGate Payment6 Gateway, which can be exploited by an attacker to bypass the authentication mechanism and gain unauthorized access,...

8.1CVSS7.2AI score0.04541EPSS

Exploits6References1

CNVD•added 2020/02/28 12:0 a.m.•5 views

Magento WooCommerce CardGate Payment Gateway Authentication Bypass Vulnerability

Magento is a professional open source e-commerce system. magento is designed to be very flexible, with modular architecture system and rich functionality. Magento WooCommerce CardGate Payment Gateway has an authentication bypass vulnerability that arises from a lack of authentication measures or...

8.1CVSS7.1AI score0.0417EPSS

Exploits5References1

Veracode•added 2020/02/26 3:7 a.m.•21 views

Authentication Bypass

cardgate/magento2 is vulnerable to authentication bypass. The Instant Payment Notification IPN callback processing function in Controller/Payment/Callback.php fails to authenticate the origin of IPN callback requests, allowing an attacker to spoof payments by sending the request with a valid...

8.1CVSS3.6AI score0.0417EPSS

Exploits5References4Affected Software1

0day.today•added 2020/02/26 12:0 a.m.•178 views

WordPress WooCommerce CardGate Payment Gateway 3.1.15 Plugin - Payment Process Bypass Exploit

Exploit for php platform in category web applications Exploit Title: WordPress Plugin WooCommerce CardGate Payment Gateway 3.1.15 - Payment Process Bypass Exploit Author: GeekHack Vendor Homepage: https://www.cardgate.com www.curopayments.com Software Link:...

0.2AI score0.04541EPSS

Exploits6

0day.today•added 2020/02/26 12:0 a.m.•192 views

Magento WooCommerce CardGate Payment Gateway 2.0.30 - Payment Process Bypass Exploit

Exploit for php platform in category web applications Exploit Title: Magento WooCommerce CardGate Payment Gateway 2.0.30 - Payment Process Bypass Exploit Author: GeekHack Vendor Homepage: https://www.cardgate.com www.curopayments.com Software Link:...

0.1AI score0.0417EPSS

Exploits5

NVD•added 2020/02/25 2:15 a.m.•27 views

CVE-2020-8818

8.1CVSS8.2AI score0.0417EPSS

Exploits5References3

NVD•added 2020/02/25 2:15 a.m.•15 views

CVE-2020-8819

8.1CVSS8.2AI score0.04541EPSS

Exploits6References5

OSV•added 2020/02/25 2:15 a.m.•17 views

CVE-2020-8818

8.1CVSS7AI score

Exploits0References3

Prion•added 2020/02/25 2:15 a.m.•12 views

Authentication flaw

5.5CVSS8AI score0.0417EPSS

Exploits5References3Affected Software2

Prion•added 2020/02/25 2:15 a.m.•14 views

Authentication flaw

5.5CVSS8AI score0.04541EPSS

Exploits6References5Affected Software1

Cvelist•added 2020/02/25 1:20 a.m.•31 views

CVE-2020-8818

8.2AI score0.0417EPSS

Exploits5References3

CVE•added 2020/02/25 1:20 a.m.•152 views

CVE-2020-8818

CVE-2020-8818 affects the CardGate Payments plugin for Magento 2 (up to version 2.0.30). The underlying issue is lack of origin authentication in the IPN callback processing function (Controller/Payment/Callback.php), enabling an attacker to remotely replace critical plugin settings (merchant ID,...

8.1CVSS8AI score0.0417EPSS

Exploits5References3Affected Software1

Cvelist•added 2020/02/25 1:15 a.m.•36 views

CVE-2020-8819

8.2AI score0.04541EPSS

Exploits6References5

CVE•added 2020/02/25 1:15 a.m.•148 views

CVE-2020-8819

The CVE-2020-8819 entry refers to the CardGate Payments plugin for WooCommerce (up to version 3.1.15). The underlying issue is lack of origin authentication in the IPN callback processing function (cardgate/cardgate.php), which allows an attacker to remotely replace critical plugin settings (merc...

8.1CVSS8AI score0.04541EPSS

Exploits6References5Affected Software1

exploitpack•added 2020/02/25 12:0 a.m.•50 views

WordPress Plugin WooCommerce CardGate Payment Gateway 3.1.15 - Payment Process Bypass

WordPress Plugin WooCommerce CardGate Payment Gateway 3.1.15 - Payment Process Bypass Exploit Title: WordPress Plugin WooCommerce CardGate Payment Gateway 3.1.15 - Payment Process Bypass Discovery Date: 2020-02-02 Public Disclosure Date: 2020-02-22 Exploit Author: GeekHack Vendor Homepage:...

5.5CVSS0.3AI score0.04541EPSS

Exploits6

ATTACKERKB•added 2020/02/25 12:0 a.m.•22 views

CVE-2020-8819

8.1CVSS8.1AI score0.04541EPSS

Exploits6References6

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by