Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 8:34 a.m.7 views

CVE-2024-41670

In the module "PayPal Official" for PrestaShop 7+ releases prior to version 6.4.2 and for PrestaShop 1.6 releases prior to version 3.18.1, a malicious customer can confirm an order even if payment is finally declined by PayPal. A logical weakness during the capture of a payment in case of disable...

7.5CVSS6.8AI score0.00388EPSS
Exploits0References1
NVD
NVD
added 2024/07/26 3:15 p.m.21 views

CVE-2024-41670

In the module "PayPal Official" for PrestaShop 7+ releases prior to version 6.4.2 and for PrestaShop 1.6 releases prior to version 3.18.1, a malicious customer can confirm an order even if payment is finally declined by PayPal. A logical weakness during the capture of a payment in case of disable...

7.5CVSS0.00388EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/07/26 2:46 p.m.17 views

CVE-2024-41670 PayPal Official Module for PrestaShop has Improperly Implemented Security Check for Standard

In the module "PayPal Official" for PrestaShop 7+ releases prior to version 6.4.2 and for PrestaShop 1.6 releases prior to version 3.18.1, a malicious customer can confirm an order even if payment is finally declined by PayPal. A logical weakness during the capture of a payment in case of disable...

7.5CVSS7.4AI score0.00388EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/07/26 2:46 p.m.31 views

CVE-2024-41670 PayPal Official Module for PrestaShop has Improperly Implemented Security Check for Standard

In the module "PayPal Official" for PrestaShop 7+ releases prior to version 6.4.2 and for PrestaShop 1.6 releases prior to version 3.18.1, a malicious customer can confirm an order even if payment is finally declined by PayPal. A logical weakness during the capture of a payment in case of disable...

7.5CVSS0.00388EPSS
Exploits0References1
OSV
OSV
added 2024/07/26 2:46 p.m.3 views

CVE-2024-41670 PayPal Official Module for PrestaShop has Improperly Implemented Security Check for Standard

In the module "PayPal Official" for PrestaShop 7+ releases prior to version 6.4.2 and for PrestaShop 1.6 releases prior to version 3.18.1, a malicious customer can confirm an order even if payment is finally declined by PayPal. A logical weakness during the capture of a payment in case of disable...

7.5CVSS6.7AI score0.00388EPSS
Exploits0References3
CVE
CVE
added 2024/07/26 2:46 p.m.57 views

CVE-2024-41670

CVE-2024-41670 – PayPal Official module (PrestaShop) affects PrestaShop 7+ releases before 6.4.2 and PrestaShop 1.6 releases before 3.18.1. A logical weakness in the payment capture flow, when webhooks are disabled, can allow a malicious customer to confirm an order even if PayPal declines the pa...

7.5CVSS7.4AI score0.00388EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/07/26 12:0 a.m.3 views

PT-2024-29497 · Unknown +1 · Prestashop +1

Name of the Vulnerable Software and Affected Versions: PrestaShop versions prior to 6.4.2 PrestaShop 1.6 versions prior to 3.18.1 Description: A logical weakness in the "PayPal Official" module for PrestaShop can be exploited by a malicious customer to confirm an order even if the payment is...

7.5CVSS7.1AI score0.00388EPSS
Exploits0References5
Rows per page
Query Builder