15 matches found
EUVD-2012-5663
Malware in sbrugna...
EUVD-2022-4675
Malicious code in bioql PyPI...
PayPal PHP Merchant SDK Cross-site scripting (XSS) vulnerability
Cross-site scripting XSS vulnerability in GetAuthDetails.html.php in PayPal PHP Merchant SDK aka merchant-sdk-php 3.9.1 allows remote attackers to inject arbitrary web script or HTML via the token parameter...
GHSA-P4G7-WJHQ-9R2H PayPal PHP Merchant SDK Cross-site scripting (XSS) vulnerability
Cross-site scripting XSS vulnerability in GetAuthDetails.html.php in PayPal PHP Merchant SDK aka merchant-sdk-php 3.9.1 allows remote attackers to inject arbitrary web script or HTML via the token parameter...
Cross-site Scripting (XSS)
paypal/merchant-sdk-php is vulnerable to cross-site scriptingXSS attacks. The vulnerability exists due to insufficient filtration of user-supplied data in token HTTP GET parameter in samples/AccountAuthentication/GetAuthDetails.html.php, allowing a malicious user to inject and execute arbitrary w...
PayPal PHP Merchant SDK <= 3.9.1 Cross-site Scripting Vulnerability
This host has installed the PayPal PHP Merchant SDK and is prone to a cross-site scripting vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...
PayPal PHP Merchant SDK Detection
This script detects the installed version of the PayPal PHP Merchant SDK. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
PayPal PHP Merchant SDK Cross-Site Scripting Vulnerability
The PayPal PHP Merchant SDK is a development toolkit for integration with PayPal's Express Checkout and Web Payments Pro APIs. A cross-site scripting vulnerability in the GetAuthDetails.html.php file in the PayPal PHP Merchant SDK allows remote attackers to exploit the vulnerability to inject...
CVE-2017-6099
Cross-site scripting XSS vulnerability in GetAuthDetails.html.php in PayPal PHP Merchant SDK aka merchant-sdk-php 3.9.1 allows remote attackers to inject arbitrary web script or HTML via the token parameter...
CVE-2017-6099
CVE-2017-6099 is an XSS vulnerability affecting PayPal PHP Merchant SDK (merchant-sdk-php)
jakarta-commons-httpclient: missing connection hostname check against X.509 certificate name
It was found that Apache Commons HttpClient 3.x, as used in Amazon Flexible Payments Service FPS merchant Java SDK and other products, does not verify that the server hostname matches a domain name in the subject's Common Name CN or subjectAltName field of the X.509 certificate, which allows...
Code injection
The PayPal merchant SDK does not verify that the server hostname matches a domain name in the subject's Common Name CN or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate...
Code injection
The Amazon merchant SDK does not verify that the server hostname matches a domain name in the subject's Common Name CN or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate...
Cross-site scripting (XSS) vulnerability in Paypal-Merchant-SDK-PHP
Hello: I have find a Reflected XSS vulnerability in this sdk. The vulnerability exists due to insufficient filtration of user-supplied data in “token” HTTP GET parameter that will be passed to “merchant-sdk-php\samples\AccountAuthentication\GetAuthDetails.html.php”. The infected source code is li...
Cross-site scripting (XSS) vulnerability in Paypal-Merchant-SDK-PHP
Hello: I have find a Reflected XSS vulnerability in this sdk. The vulnerability exists due to insufficient filtration of user-supplied data in “token” HTTP GET parameter that will be passed to “merchant-sdk-php\samples\AccountAuthentication\GetAuthDetails.html.php”. The infected source code is li...