Vulnerabilities > Amazon > Payfort PHP SDK

DATE CVE VULNERABILITY TITLE RISK
2018-11-14 CVE-2018-19190 Cross-site Scripting vulnerability in Amazon Payfort-PHP-Sdk 20180426
The Amazon PAYFORT payfort-php-SDK payment gateway SDK through 2018-04-26 has XSS via the error.php error_msg parameter.
network
low complexity
amazon CWE-79
6.1
2018-11-14 CVE-2018-19189 Cross-site Scripting vulnerability in Amazon Payfort-PHP-Sdk 20180426
The Amazon PAYFORT payfort-php-SDK payment gateway SDK through 2018-04-26 has XSS via an arbitrary parameter name or value that is mishandled in an error.php echo statement.
network
low complexity
amazon CWE-79
6.1
2018-11-14 CVE-2018-19188 Cross-site Scripting vulnerability in Amazon Payfort-PHP-Sdk 20180426
The Amazon PAYFORT payfort-php-SDK payment gateway SDK through 2018-04-26 has XSS via the success.php fort_id parameter.
network
low complexity
amazon CWE-79
6.1
2018-11-14 CVE-2018-19187 Cross-site Scripting vulnerability in Amazon Payfort-PHP-Sdk 20180426
The Amazon PAYFORT payfort-php-SDK payment gateway SDK through 2018-04-26 has XSS via an arbitrary parameter name or value that is mishandled in a success.php echo statement.
network
low complexity
amazon CWE-79
6.1
2018-11-14 CVE-2018-19186 Cross-site Scripting vulnerability in Amazon Payfort-PHP-Sdk 20180426
The Amazon PAYFORT payfort-php-SDK payment gateway SDK through 2018-04-26 has XSS via the route.php paymentMethod parameter.
network
low complexity
amazon CWE-79
6.1