Vulnerabilities > Amazon > Payfort PHP SDK > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-11-14 | CVE-2018-19190 | Cross-site Scripting vulnerability in Amazon Payfort-PHP-Sdk 20180426 The Amazon PAYFORT payfort-php-SDK payment gateway SDK through 2018-04-26 has XSS via the error.php error_msg parameter. | 6.1 |
| 2018-11-14 | CVE-2018-19189 | Cross-site Scripting vulnerability in Amazon Payfort-PHP-Sdk 20180426 The Amazon PAYFORT payfort-php-SDK payment gateway SDK through 2018-04-26 has XSS via an arbitrary parameter name or value that is mishandled in an error.php echo statement. | 6.1 |
| 2018-11-14 | CVE-2018-19188 | Cross-site Scripting vulnerability in Amazon Payfort-PHP-Sdk 20180426 The Amazon PAYFORT payfort-php-SDK payment gateway SDK through 2018-04-26 has XSS via the success.php fort_id parameter. | 6.1 |
| 2018-11-14 | CVE-2018-19187 | Cross-site Scripting vulnerability in Amazon Payfort-PHP-Sdk 20180426 The Amazon PAYFORT payfort-php-SDK payment gateway SDK through 2018-04-26 has XSS via an arbitrary parameter name or value that is mishandled in a success.php echo statement. | 6.1 |
| 2018-11-14 | CVE-2018-19186 | Cross-site Scripting vulnerability in Amazon Payfort-PHP-Sdk 20180426 The Amazon PAYFORT payfort-php-SDK payment gateway SDK through 2018-04-26 has XSS via the route.php paymentMethod parameter. | 6.1 |