Vulnerabilities > Paypal

DATE	CVE	VULNERABILITY TITLE	RISK
2012-09-19	CVE-2012-2991	The PayPal (aka MODULE_PAYMENT_PAYPAL_STANDARD) module before 1.1 in osCommerce Online Merchant before 2.3.4 allows remote attackers to set the payment recipient via a modified value of the merchant's e-mail address, as demonstrated by setting the recipient to one's self. network low complexity oscommerce paypal	5.0
2012-09-17	CVE-2012-2058	Permissions, Privileges, and Access Controls vulnerability in Paypal Ubercart Payflow The Ubercart Payflow module for Drupal does not use a secure token, which allows remote attackers to forge payments via unspecified vectors. network low complexity paypal drupal CWE-264	5.0
2006-01-13	CVE-2006-0202	Unspecified vulnerability in Paypal PHP Toolkit Dave Nielsen and Patrick Breitenbach PayPal Web Services (aka PHP Toolkit) 0.50 and possibly earlier has (1) world-readable permissions for ipn/logs/ipn_success.txt, which allows local users to view sensitive information (payment data), and (2) world-writable permissions for ipn/logs, which allows local users to delete or replace payment data. local low complexity paypal	3.6
2006-01-13	CVE-2006-0201	Unspecified vulnerability in Paypal PHP Toolkit Dave Nielsen and Patrick Breitenbach PayPal Web Services (aka PHP Toolkit) 0.50, and possibly earlier versions, allows remote attackers to enter false payment entries into the log file via HTTP POST requests to ipn_success.php. network low complexity paypal	5.0

Vulnerabilities > Paypal {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Paypal"}]}