Lucene search
K

28 matches found

Packet Storm
Packet Storm
added 2020/02/25 12:0 a.m.178 views

Magento WooCommerce CardGate Payment Gateway 2.0.30 Bypass

Exploit Title: Magento WooCommerce CardGate Payment Gateway 2.0.30 - Payment Process Bypass Discovery Date: 2020-02-02 Public Disclosure Date: 2020-02-22 Exploit Author: GeekHack Vendor Homepage: https://www.cardgate.com www.curopayments.com Software Link:...

0.3AI score0.0417EPSS
Exploits5
Exploit DB
Exploit DB
added 2020/02/25 12:0 a.m.1212 views

Magento WooCommerce CardGate Payment Gateway 2.0.30 - Payment Process Bypass

Exploit Title: Magento WooCommerce CardGate Payment Gateway 2.0.30 - Payment Process Bypass Discovery Date: 2020-02-02 Public Disclosure Date: 2020-02-22 Exploit Author: GeekHack Vendor Homepage: https://www.cardgate.com www.curopayments.com Software Link:...

8.1CVSS8.1AI score0.0417EPSS
Exploits5
ATTACKERKB
ATTACKERKB
added 2020/02/25 12:0 a.m.22 views

CVE-2020-8819

An issue was discovered in the CardGate Payments plugin through 3.1.15 for WooCommerce. Lack of origin authentication in the IPN callback processing function in cardgate/cardgate.php allows an attacker to remotely replace critical plugin settings merchant ID, secret key, etc. and therefore bypass...

8.1CVSS8.1AI score0.04541EPSS
Exploits6References6
exploitpack
exploitpack
added 2020/02/25 12:0 a.m.72 views

Magento WooCommerce CardGate Payment Gateway 2.0.30 - Payment Process Bypass

Magento WooCommerce CardGate Payment Gateway 2.0.30 - Payment Process Bypass Exploit Title: Magento WooCommerce CardGate Payment Gateway 2.0.30 - Payment Process Bypass Discovery Date: 2020-02-02 Public Disclosure Date: 2020-02-22 Exploit Author: GeekHack Vendor Homepage: https://www.cardgate.com...

5.5CVSS0.2AI score0.0417EPSS
Exploits5
Exploit DB
Exploit DB
added 2020/02/25 12:0 a.m.213 views

WordPress Plugin WooCommerce CardGate Payment Gateway 3.1.15 - Payment Process Bypass

Exploit Title: WordPress Plugin WooCommerce CardGate Payment Gateway 3.1.15 - Payment Process Bypass Discovery Date: 2020-02-02 Public Disclosure Date: 2020-02-22 Exploit Author: GeekHack Vendor Homepage: https://www.cardgate.com www.curopayments.com Software Link:...

8.1CVSS8.1AI score0.04541EPSS
Exploits6
wpexploit
wpexploit
added 2020/02/22 12:0 a.m.40 views

CardGate < 3.1.16 - Unauthorised Payments Hijacking and Order Status Spoofing

Lack of origin authentication CWE-346 at IPN callback processing function allow even unauthorized attacker to remotely replace critical plugin settings merchant id, secret key etc with known to him and therefore bypass payment process eg. spoof order status by manually sending IPN callback reques...

5.5CVSS0.04541EPSS
Exploits6References2
OpenVAS
OpenVAS
added 2010/01/11 12:0 a.m.33 views

FreeBSD Security Advisory (FreeBSD-SA-10:01.bind.asc)

The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-10:01.bind.asc ADV FreeBSD-SA-10:01.bind.asc OpenVAS Vulnerability Test $ Description: Auto generated from ADV FreeBSD-SA-10:01.bind.asc Authors: Thomas Reinke Copyright: Copyright c 2010 E-Soft...

2.6CVSS0.07952EPSS
Exploits1
securityvulns
securityvulns
added 2002/03/20 12:0 a.m.37 views

Potential vulnerabilities of the Microsoft RVP-based Instant Messaging

The Encode Security Labs performed an empirical analysis of the Microsoft Instant Messaging implementation based on Exchange 2000 and using the MSN Messenger Service v3.6 client. The most important findings about the IM service are: -it does not offer any confidentiality -it is vulnerable to...

0.7AI score
Exploits0
Rows per page
Query Builder