CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cross-site scripting vulnerability in EC-CUBE plugin 'Amazon Pay Plugin 2.12,2.13' version 2.4.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

6.1CVSS6.5AI score0.00332EPSS

Exploits0References1

Patchstack•added 2021/05/14 12:0 a.m.•9 views

WordPress WooCommerce Amazon Pay plugin 2.0.0 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability discovered by WPScanTeam in WordPress WooCommerce Amazon Pay plugin version 2.0.0. Solution Update the WordPress WooCommerce Amazon Pay plugin to the latest available version at least 2.0.1...

2.5AI score

Exploits0References1Affected Software1

NVD•added 2021/02/26 3:15 p.m.•9 views

CVE-2020-28199

best it Amazon Pay Plugin before 9.4.2 for Shopware exposes Sensitive Information to an Unauthorized Actor...

9.1CVSS0.00307EPSS

Exploits1References2

OSV•added 2021/02/26 3:15 p.m.•1 views

CVE-2020-28199

best it Amazon Pay Plugin before 9.4.2 for Shopware exposes Sensitive Information to an Unauthorized Actor...

9.1CVSS7.3AI score0.00307EPSS

Exploits1References2

Prion•added 2021/02/26 3:15 p.m.•9 views

Information disclosure

best it Amazon Pay Plugin before 9.4.2 for Shopware exposes Sensitive Information to an Unauthorized Actor...

6.4CVSS9.1AI score0.00307EPSS

Exploits1References2Affected Software1

Cvelist•added 2021/02/26 2:56 p.m.•11 views

CVE-2020-28199

best it Amazon Pay Plugin before 9.4.2 for Shopware exposes Sensitive Information to an Unauthorized Actor...

9.2AI score0.00307EPSS

Exploits1References2

CVE•added 2021/02/26 2:56 p.m.•38 views

CVE-2020-28199

Technical details (affected products/versions/root cause/exploitability) are not publicly provided in the supplied documents. Monitor for updates.

9.1CVSS9.1AI score0.00307EPSS

Exploits1References2Affected Software1

CNNVD•added 2021/02/26 12:0 a.m.•2 views

Amazon Pay Plugin Information Disclosure Vulnerability

Amazon Pay Plugin is an online payment plugin from Amazon.com, Inc. Amazon Pay Plugin before 9.4.2 suffers from an information disclosure vulnerability that originates from exposing sensitive information for Shopware...

9.1CVSS7.3AI score0.00307EPSS

Exploits1References3

OSV•added 2019/09/12 5:15 p.m.•2 views

CVE-2019-6003

Cross-site scripting vulnerability in EC-CUBE plugin 'Amazon Pay Plugin 2.12,2.13' version 2.4.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

6.1CVSS5.9AI score

Exploits0References2

NVD•added 2019/09/12 5:15 p.m.•12 views

CVE-2019-6003

Cross-site scripting vulnerability in EC-CUBE plugin 'Amazon Pay Plugin 2.12,2.13' version 2.4.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

6.1CVSS6.1AI score0.00332EPSS

Exploits0References2

Prion•added 2019/09/12 5:15 p.m.•14 views

Cross site scripting

Cross-site scripting vulnerability in EC-CUBE plugin 'Amazon Pay Plugin 2.12,2.13' version 2.4.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6AI score0.00332EPSS

Exploits0References2Affected Software1

CVE•added 2019/09/12 3:58 p.m.•110 views

CVE-2019-6003

CVE-2019-6003 is a cross-site scripting vulnerability in EC-CUBE's Amazon Pay Plugin (versions 2.4.2 and earlier, plugin 2.12/2.13). The root cause is improper handling of user-controlled input (CWE-79), allowing an attacker to inject arbitrary web script or HTML via unspecified vectors. Impact, ...

6.1CVSS6AI score0.00332EPSS

Exploits0References2Affected Software1

Cvelist•added 2019/09/12 3:58 p.m.•10 views

CVE-2019-6003

Cross-site scripting vulnerability in EC-CUBE plugin 'Amazon Pay Plugin 2.12,2.13' version 2.4.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

6.1AI score0.00332EPSS

Exploits0References2

Japan Vulnerability Notes•added 2019/08/07 4:58 a.m.•2 views

EC-CUBE plugin "Amazon Pay Plugin 2.12,2.13" vulnerable to cross-site scripting

Overview EC-CUBE plugin "Amazon Pay Plugin 2.12,2.13" provided by IPLOGIC CO.,LTD. contains a cross-site scripting vulnerability CWE-79. Gen Sato of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early...

6.1CVSS6AI score0.00332EPSS

Exploits0References5

CNVD•added 2019/08/07 12:0 a.m.•2 views

Amazon Pay Plugin for EC-CUBE Cross-Site Scripting Vulnerability

Amazon Pay Plugin for EC-CUBE is an online payment plugin for EC-CUBE, a suite of e-commerce systems. A cross-site scripting vulnerability exists in Amazon Pay Plugin for EC-CUBE, which can be exploited by attackers to execute client-side code...

6.1CVSS6.4AI score0.00332EPSS

Exploits0References1

Japan Vulnerability Notes•added 2019/08/07 12:0 a.m.•59 views

JVN#29343839: EC-CUBE plugin "Amazon Pay Plugin 2.12,2.13" vulnerable to cross-site scripting

EC-CUBE plugin "Amazon Pay Plugin 2.12,2.13" provided by IPLOGIC CO.,LTD. contains a cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on the web browser of the user who logs in to the product with the administrative privilege. Solution Update the Plugin Update...

6.1CVSS6.1AI score0.00332EPSS

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by