13 matches found
CVE-2026-43883 WWBN AVideo: IDOR in PayPalYPT agreementCancel.json.php Allows Any Authenticated User to Cancel Arbitrary PayPal Subscription Agreements
WWBN AVideo is an open source video platform. In versions up to and including 29.0, plugin/PayPalYPT/agreementCancel.json.php cancels a PayPal billing agreement using an attacker-supplied agreement parameter without verifying that the authenticated user owns the agreement. A low-privilege...
Authorization Bypass Through User-Controlled Key
Overview: wwbn/avideo is an Audio and Video Platform or simply "A Video Platform". Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key in the agreementCancel.json.php process. An attacker can disrupt another user's active PayPal subscription and cau...
EUVD-2007-0405
Malware in sbrugna...
CVE-2024-4383
The Simple Membership plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'swpmpaypalsubscriptioncancellink' shortcode in all versions up to, and including, 4.4.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...
CVE-2024-3730
The Simple Membership plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'swpmpaypalsubscriptioncancellink' shortcode in all versions up to, and including, 4.4.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...
Easebay Resources Paypal Subscription Manager Multiple Input Validation Vulnerabilities
No description provided by source. Source: http://www.securityfocus.com/bid/22141/info. Easebay Resources Paypal Subscription Manager is prone to multiple input-validation vulnerabilities because the application fails to sufficiently sanitize user-supplied input. The vulnerabilities include an...
paypal-inject.txt
Paypal Subscription Manager allows webmasters to easily create a subscription web site; visitors can access digital products instantly after paying through Paypal. PSM provides the ability to effortlessly process subscriptions and protect membership areas. PSM uses PHP and MySQL for fast, efficient,...
Sql injection
SQL injection vulnerability in admin/memberlist.php in Easebay Resources Paypal Subscription Manager allows remote attackers to execute arbitrary SQL commands via the keyword parameter...
Cross site scripting
Cross-site scripting (XSS) vulnerability in admin/editmember.php in Easebay Resources Paypal Subscription Manager allows remote attackers to inject arbitrary web script or HTML via the username parameter...
CVE-2007-0403
CVE-2007-0403 is a SQL injection in Easebay Resources' Paypal Subscription Manager (admin/memberlist.php) exploitable via the keyword parameter. Remote attackers can execute arbitrary SQL commands. This is documented in NVD and related records; no exploitation specifics or fixes are provided in t...
CVE-2007-0402
CVE-2007-0402 describes a cross-site scripting (XSS) vulnerability in the Admin module: admin/edit_member.php of Easebay Resources Paypal Subscription Manager. The issue allows remote attackers to inject arbitrary web script or HTML through the username parameter. The vulnerability is documented ...
CVE-2007-0403
SQL injection vulnerability in admin/memberlist.php in Easebay Resources Paypal Subscription Manager allows remote attackers to execute arbitrary SQL commands via the keyword parameter...
Paypal Subscription Manager Multiple HTML Injections
Paypal Subscription Manager allows webmasters to easily create a subscription web site; visitors can access digital products instantly after paying through Paypal. PSM provides the ability to effortlessly process subscriptions and protect membership areas. PSM uses PHP and MySQL for fast, efficient,...