18 matches found
Code injection
The Amazon PAYFORT payfort-php-SDK payment gateway SDK through 2018-04-26 has XSS via an arbitrary parameter name or value that is mishandled in an error.php echo statement...
CVE-2018-19186
The Amazon PAYFORT payfort-php-SDK payment gateway SDK through 2018-04-26 has XSS via the route.php paymentMethod parameter...
CVE-2018-19188
The Amazon PAYFORT payfort-php-SDK payment gateway SDK through 2018-04-26 has XSS via the success.php fortid parameter...
CVE-2018-19189
The Amazon PAYFORT payfort-php-SDK payment gateway SDK through 2018-04-26 has XSS via an arbitrary parameter name or value that is mishandled in an error.php echo statement...
CVE-2018-19190
The Amazon PAYFORT payfort-php-SDK payment gateway SDK through 2018-04-26 has XSS via the error.php errormsg parameter...
Code injection
The Amazon PAYFORT payfort-php-SDK payment gateway SDK through 2018-04-26 has XSS via the route.php paymentMethod parameter...
CVE-2018-19190
The Amazon PAYFORT payfort-php-SDK payment gateway SDK through 2018-04-26 has XSS via the error.php errormsg parameter...
Code injection
The Amazon PAYFORT payfort-php-SDK payment gateway SDK through 2018-04-26 has XSS via an arbitrary parameter name or value that is mishandled in a success.php echo statement...
CVE-2018-19190
The Amazon PAYFORT payfort-php-SDK payment gateway SDK through 2018-04-26 has XSS via the error.php errormsg parameter...
CVE-2018-19186
CVE-2018-19186 concerns the Amazon PAYFORT payfort-php-SDK (payment gateway SDK) through 2018-04-26, where a cross-site scripting (XSS) flaw exists in the route.php paymentMethod parameter. The vulnerability is evidenced in NVD and corroborated by multiple sources (CNVD/CVE records). Affected com...
CVE-2018-19188
The Amazon PAYFORT payfort-php-SDK payment gateway SDK through 2018-04-26 has XSS via the success.php fortid parameter...
CVE-2018-19186
The Amazon PAYFORT payfort-php-SDK payment gateway SDK through 2018-04-26 has XSS via the route.php paymentMethod parameter...
CVE-2018-19188
The CVE-2018-19188 entry concerns the Amazon PAYFORT payfort-php-SDK (pre-2018-04-26) with an XSS flaw exploitable through the success.php fort_id parameter. Connected records (NVD, CVE List, CNVD, PRION, CVELIST) corroborate the same description. The documents do not provide explicit remediation...
CVE-2018-19187
The CVE-2018-19187 entry concerns the Amazon PAYFORT payfort-php-SDK (payment gateway SDK) with an XSS flaw present through 2018-04-26. The root cause is mishandling of an arbitrary parameter name or value in a success.php echo statement, enabling cross-site scripting. Documents identify the affe...
CVE-2018-19189
The CVE-2018-19189 entry concerns the Amazon PAYFORT payfort-php-SDK (up to 2018-04-26) and a cross-site scripting (XSS) condition caused by mishandling an arbitrary parameter name or value in an error.php echo statement. The vulnerability is described in the NVD entry as an XSS risk with a CVSS ...
CVE-2018-19190
The CVE-2018-19190 entry concerns the Amazon PAYFORT payfort-php-SDK payment gateway, with an XSS vulnerability exploitable via the error.php error_msg parameter in versions up to 2018-04-26. The NVD notes CVSS v2 base score 4.3 (Medium) and CVSS v3.0 base score 6.1 (Medium). Exploitation details...
PAYFORT payfort-php-SDK cross-site scripting vulnerability
PayFort is an online payment gateway. payfort-php-SDK is the PayFort payment gateway SDK. A cross-site scripting vulnerability exists in Amazon PAYFORT payfort-php-SDK on 2018-04-26 and earlier versions, which can be exploited by an attacker via the error.php errormsg parameter to conduct a...
PAYFORT payfort-php-SDK cross-site scripting vulnerability (CNVD-2019-08574)
PayFort is an online payment gateway. payfort-php-SDK is the PayFort payment gateway SDK. A cross-site scripting vulnerability exists in Amazon PAYFORT payfort-php-SDK on 2018-04-26 and earlier versions, which can be exploited by an attacker via the route.php paymentMethod parameter to conduct a...