Lucene search
K

38 matches found

Cvelist
Cvelist
added 2020/02/25 1:20 a.m.45 views

CVE-2020-8818

An issue was discovered in the CardGate Payments plugin through 2.0.30 for Magento 2. Lack of origin authentication in the IPN callback processing function in Controller/Payment/Callback.php allows an attacker to remotely replace critical plugin settings merchant ID, secret key, etc. and therefor...

8.2AI score0.0417EPSS
Exploits5References3
Cvelist
Cvelist
added 2020/02/25 1:15 a.m.48 views

CVE-2020-8819

An issue was discovered in the CardGate Payments plugin through 3.1.15 for WooCommerce. Lack of origin authentication in the IPN callback processing function in cardgate/cardgate.php allows an attacker to remotely replace critical plugin settings merchant ID, secret key, etc. and therefore bypass...

8.2AI score0.04541EPSS
Exploits6References5
CVE
CVE
added 2020/02/25 1:15 a.m.150 views

CVE-2020-8819

The CVE-2020-8819 entry refers to the CardGate Payments plugin for WooCommerce (up to version 3.1.15). The underlying issue is lack of origin authentication in the IPN callback processing function (cardgate/cardgate.php), which allows an attacker to remotely replace critical plugin settings (merc...

8.1CVSS8AI score0.04541EPSS
Exploits6References5Affected Software1
Packet Storm
Packet Storm
added 2020/02/25 12:0 a.m.178 views

Magento WooCommerce CardGate Payment Gateway 2.0.30 Bypass

Exploit Title: Magento WooCommerce CardGate Payment Gateway 2.0.30 - Payment Process Bypass Discovery Date: 2020-02-02 Public Disclosure Date: 2020-02-22 Exploit Author: GeekHack Vendor Homepage: https://www.cardgate.com www.curopayments.com Software Link:...

0.3AI score0.0417EPSS
Exploits5
Packet Storm
Packet Storm
added 2020/02/25 12:0 a.m.173 views

WordPress WooCommerce CardGate Payment Gateway 3.1.15 Bypass

Exploit Title: WordPress Plugin WooCommerce CardGate Payment Gateway 3.1.15 - Payment Process Bypass Discovery Date: 2020-02-02 Public Disclosure Date: 2020-02-22 Exploit Author: GeekHack Vendor Homepage: https://www.cardgate.com www.curopayments.com Software Link:...

0.1AI score0.04541EPSS
Exploits6
Exploit DB
Exploit DB
added 2020/02/25 12:0 a.m.1212 views

Magento WooCommerce CardGate Payment Gateway 2.0.30 - Payment Process Bypass

Exploit Title: Magento WooCommerce CardGate Payment Gateway 2.0.30 - Payment Process Bypass Discovery Date: 2020-02-02 Public Disclosure Date: 2020-02-22 Exploit Author: GeekHack Vendor Homepage: https://www.cardgate.com www.curopayments.com Software Link:...

8.1CVSS8.1AI score0.0417EPSS
Exploits5
ATTACKERKB
ATTACKERKB
added 2020/02/25 12:0 a.m.22 views

CVE-2020-8819

An issue was discovered in the CardGate Payments plugin through 3.1.15 for WooCommerce. Lack of origin authentication in the IPN callback processing function in cardgate/cardgate.php allows an attacker to remotely replace critical plugin settings merchant ID, secret key, etc. and therefore bypass...

8.1CVSS8.1AI score0.04541EPSS
Exploits6References6
ATTACKERKB
ATTACKERKB
added 2020/02/25 12:0 a.m.20 views

CVE-2020-8818

An issue was discovered in the CardGate Payments plugin through 2.0.30 for Magento 2. Lack of origin authentication in the IPN callback processing function in Controller/Payment/Callback.php allows an attacker to remotely replace critical plugin settings merchant ID, secret key, etc. and therefor...

8.1CVSS8.1AI score0.04541EPSS
Exploits11References4
exploitpack
exploitpack
added 2020/02/25 12:0 a.m.72 views

Magento WooCommerce CardGate Payment Gateway 2.0.30 - Payment Process Bypass

Magento WooCommerce CardGate Payment Gateway 2.0.30 - Payment Process Bypass Exploit Title: Magento WooCommerce CardGate Payment Gateway 2.0.30 - Payment Process Bypass Discovery Date: 2020-02-02 Public Disclosure Date: 2020-02-22 Exploit Author: GeekHack Vendor Homepage: https://www.cardgate.com...

5.5CVSS0.2AI score0.0417EPSS
Exploits5
Exploit DB
Exploit DB
added 2020/02/25 12:0 a.m.213 views

WordPress Plugin WooCommerce CardGate Payment Gateway 3.1.15 - Payment Process Bypass

Exploit Title: WordPress Plugin WooCommerce CardGate Payment Gateway 3.1.15 - Payment Process Bypass Discovery Date: 2020-02-02 Public Disclosure Date: 2020-02-22 Exploit Author: GeekHack Vendor Homepage: https://www.cardgate.com www.curopayments.com Software Link:...

8.1CVSS8.1AI score0.04541EPSS
Exploits6
Packet Storm
Packet Storm
added 2019/02/19 12:0 a.m.65 views

WordPress WooCommerce GloBee Payment Gateway 1.1.1 Bypass / Spoofing

?php Exploit Title: WordPress WooCommerce - GloBee cryptocurrency Payment Gateway Plugin Payment Bypass / Unauthorized Order Status Spoofing Discovery Date: 14.12.2018 Public Disclosure Date: 14.02.2019 Exploit Author: GeekHack Contact: https://t.me/GeekHack Vendor Homepage: https://globee.com/...

7.6AI score0.10009EPSS
Exploits5
0day.today
0day.today
added 2019/02/18 12:0 a.m.70 views

WordPress WooCommerce Plugin - Payment Bypass / Unauthorized Order Status Spoofing

Exploit for php platform in category web applications WordPress Plugin WooCommerce - GloBee cryptocurrency Payment Gateway 1.1.1 - Payment Bypass / Unauthorized Order Status Spoofing -------------------------------------------------------------- ?php Exploit Title: WordPress WooCommerce - GloBee...

5CVSS7.5AI score0.10009EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/02/18 12:0 a.m.82 views

WordPress Plugin WooCommerce - GloBee (cryptocurrency) Payment Gateway 1.1.1 - Payment Bypass / Unauthorized Order Status Spoofing

?php Exploit Title: WordPress WooCommerce - GloBee cryptocurrency Payment Gateway Plugin Payment Bypass / Unauthorized Order Status Spoofing Discovery Date: 14.12.2018 Public Disclosure Date: 14.02.2019 Exploit Author: GeekHack Contact: https://t.me/GeekHack Vendor Homepage: https://globee.com/...

7.5CVSS7.8AI score0.10009EPSS
Exploits5
UbuntuCve
UbuntuCve
added 2018/04/04 9:29 p.m.20 views

CVE-2018-1081

A flaw was found in Moodle 3.4 to 3.4.1, 3.3 to 3.3.4, 3.2 to 3.2.7, 3.1 to 3.1.10 and earlier unsupported versions. Unauthenticated users can trigger custom messages to admin via paypal enrol script. Paypal IPN callback script should only send error emails to admin after request origin was...

5.3CVSS6.7AI score0.0147EPSS
Exploits0References3
OSV
OSV
added 2018/04/04 9:29 p.m.18 views

CVE-2018-1081

A flaw was found in Moodle 3.4 to 3.4.1, 3.3 to 3.3.4, 3.2 to 3.2.7, 3.1 to 3.1.10 and earlier unsupported versions. Unauthenticated users can trigger custom messages to admin via paypal enrol script. Paypal IPN callback script should only send error emails to admin after request origin was...

5.3CVSS5.5AI score
Exploits0References3
Prion
Prion
added 2018/04/04 9:29 p.m.13 views

Design/Logic Flaw

A flaw was found in Moodle 3.4 to 3.4.1, 3.3 to 3.3.4, 3.2 to 3.2.7, 3.1 to 3.1.10 and earlier unsupported versions. Unauthenticated users can trigger custom messages to admin via paypal enrol script. Paypal IPN callback script should only send error emails to admin after request origin was...

5CVSS5.5AI score0.0147EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2018/04/04 9:29 p.m.23 views

CVE-2018-1081

A flaw was found in Moodle 3.4 to 3.4.1, 3.3 to 3.3.4, 3.2 to 3.2.7, 3.1 to 3.1.10 and earlier unsupported versions. Unauthenticated users can trigger custom messages to admin via paypal enrol script. Paypal IPN callback script should only send error emails to admin after request origin was...

5.3CVSS5.1AI score0.0147EPSS
Exploits0References3
Cvelist
Cvelist
added 2018/04/04 9:0 p.m.34 views

CVE-2018-1081

A flaw was found in Moodle 3.4 to 3.4.1, 3.3 to 3.3.4, 3.2 to 3.2.7, 3.1 to 3.1.10 and earlier unsupported versions. Unauthenticated users can trigger custom messages to admin via paypal enrol script. Paypal IPN callback script should only send error emails to admin after request origin was...

5.1AI score0.0147EPSS
Exploits0References3
Rows per page
Query Builder