2 matches found
CVE-2006-0202
Dave Nielsen and Patrick Breitenbach PayPal Web Services aka PHP Toolkit 0.50 and possibly earlier has 1 world-readable permissions for ipn/logs/ipnsuccess.txt, which allows local users to view sensitive information payment data, and 2 world-writable permissions for ipn/logs, which allows local...
CVE-2006-0202
CVE-2006-0202 affects PayPal Web Services (aka PHP Toolkit) 0.50 and possibly earlier. The issue is due to insecure filesystem permissions: ipn/logs/ipn_success.txt is world-readable, allowing local users to view payment data, and ipn/logs is world-writable, enabling local users to delete or repl...