Vulnerabilities > Phonepe
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-13 | CVE-2022-45835 | Server-Side Request Forgery (SSRF) vulnerability in Phonepe Server-Side Request Forgery (SSRF) vulnerability in PhonePe PhonePe Payment Solutions.This issue affects PhonePe Payment Solutions: from n/a through 1.0.15. | 7.5 |
| 2018-09-23 | CVE-2018-17403 | Unspecified vulnerability in Phonepe 3.0.6/3.3.26 The PhonePe wallet (aka com.PhonePe.app) application 3.0.6 through 3.3.26 for Android might allow attackers to impersonate a user and set up their account without their knowledge. | 8.8 |
| 2018-09-23 | CVE-2018-17402 | Information Exposure vulnerability in Phonepe 3.0.6/3.3.26 The PhonePe wallet (aka com.PhonePe.app) application 3.0.6 through 3.3.26 for Android might allow attackers to discover the Credit/Debit card number, expiration date, and CVV number. | 5.3 |
| 2018-09-23 | CVE-2018-17401 | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Phonepe 3.0.6/3.3.26 The PhonePe wallet (aka com.PhonePe.app) application 3.0.6 through 3.3.26 for Android might allow attackers to perform Account Takeover attacks by exploiting its Forgot Password feature. | 8.8 |
| 2018-09-23 | CVE-2018-17400 | Unspecified vulnerability in Phonepe 3.0.6/3.3.26 The PhonePe wallet (aka com.PhonePe.app) application 3.0.6 through 3.3.26 for Android might allow attackers to perform Account Takeover attacks by intercepting the user name and PIN during the initial configuration of the application. | 7.0 |