exploit the possibilities
Showing 1 - 25 of 59 RSS Feed

Files

PayPal/Credit Card/Debit Card Payment 1.0 SQL Injection
Posted Oct 29, 2018
Authored by Ihsan Sencan

PayPal/Credit Card/Debit Card Payment version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2018-18800
MD5 | a91f0b3c3564df1ce63bf34f2ee0ed93

Related Files

Red Hat Security Advisory 2021-3851-01
Posted Oct 14, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3851-01 - Red Hat 3scale API Management delivers centralized API management features through a distributed, cloud-hosted layer. It includes built-in features to help in building a more successful API program, including access control, rate limits, payment gateway integration, and developer experience tools. This advisory is intended to use with Container Images, for Red Hat 3scale API Management 2.11.0. Issues addressed include a cross site scripting vulnerability.

tags | advisory, xss
systems | linux, redhat
advisories | CVE-2020-8911, CVE-2020-8912, CVE-2021-22922, CVE-2021-22923, CVE-2021-22924, CVE-2021-27218, CVE-2021-3442, CVE-2021-36222, CVE-2021-3653, CVE-2021-3715, CVE-2021-37750
MD5 | 156bd8b6d140a4270c36edf79cac7b29
WordPress GetPaid 2.4.6 HTML Injection
Posted Sep 1, 2021
Authored by Niraj Mahajan

WordPress GetPaid payments plugin version 2.4.6 suffers from an html injection vulnerability.

tags | exploit
MD5 | a333d5577107e8c14fe4526c85da8590
Red Hat Security Advisory 2021-1129-01
Posted Apr 8, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1129-01 - Red Hat 3scale API Management delivers centralized API management features through a distributed, cloud-hosted layer. It includes built-in features to help in building a more successful API program, including access control, rate limits, payment gateway integration, and developer experience tools. This advisory is intended to use with container images for Red Hat 3scale API Management 2.10.0.

tags | advisory
systems | linux, redhat
advisories | CVE-2018-20843, CVE-2019-11719, CVE-2019-11727, CVE-2019-11756, CVE-2019-12749, CVE-2019-14866, CVE-2019-15903, CVE-2019-17006, CVE-2019-17023, CVE-2019-17498, CVE-2019-19126, CVE-2019-19532, CVE-2019-19956, CVE-2019-20388, CVE-2019-20907, CVE-2019-5094, CVE-2019-5188, CVE-2020-0427, CVE-2020-12243, CVE-2020-12400, CVE-2020-12401, CVE-2020-12402, CVE-2020-12403, CVE-2020-12723, CVE-2020-14040, CVE-2020-14351, CVE-2020-1971
MD5 | 0aac387101bdf7b27b57090a9070a68c
WordPress Stripe Payments 2.0.39 Cross Site Scripting
Posted Jan 5, 2021
Authored by Park Won Seok

WordPress Stripe Payments plugin version 2.0.39 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | 923d4ad559a3564407bf8a9b0d4eeb79
WordPress NAB Transact WooCommerce 2.1.0 Payment Bypass
Posted Aug 20, 2020
Authored by Jack Misiura

WordPress NAB Transact WooCommerce plugin version 2.1.0 suffers from a payment bypass vulnerability.

tags | exploit, bypass
advisories | CVE-2020-11497
MD5 | 580b8c08be425934c55c29d9872fc490
Magento WooCommerce CardGate Payment Gateway 2.0.30 Bypass
Posted Feb 25, 2020
Authored by GeekHack

Magento WooCommerce CardGate Payment Gateway version 2.0.30 suffers from a payment process bypass vulnerability.

tags | exploit, bypass
advisories | CVE-2020-8818
MD5 | 1d23aa81208809107f8c47807a4993c4
WordPress WooCommerce CardGate Payment Gateway 3.1.15 Bypass
Posted Feb 25, 2020
Authored by GeekHack

WordPress WooCommerce CardGate Payment Gateway plugin version 3.1.15 suffers from a payment process bypass vulnerability.

tags | exploit, bypass
advisories | CVE-2020-8819
MD5 | 05e07ae4a5c8c41e1fa0ef498a75f37b
Chrome Site Isolation Bypass / File Disclosure
Posted Nov 8, 2019
Authored by Google Security Research, Glazvunov

The Chrome Payment Handler API suffers from site isolation bypass and local file disclosure vulnerabilities.

tags | exploit, local, vulnerability
MD5 | a0e44b48eda93d22f89c1bb42d02f804
WordPress Spryng Payments WooCommerce 1.6.7 Cross Site Scripting
Posted Sep 4, 2019
Authored by Ricardo Sanchez

WordPress Spryng Payments WooCommerce plugin version 1.6.7 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 8f22fb3fa01aeb9ff354e99195e0c3a2
Red Hat Security Advisory 2019-2534-01
Posted Aug 21, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2534-01 - Red Hat 3scale API Management delivers centralized API management features through a distributed, cloud-hosted layer. It includes built-in features to help in building a more successful API program, including access control, rate limits, payment gateway integration, and developer experience tools. This release of Red Hat 3scale API Management 2.6.0 replaces Red Hat 3scale API Management 2.5.1.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-10216
MD5 | 9c5e706bb8911d6bc88a8c019dbd73c4
WordPress PayPal Checkout Payment Gateway 1.6.8 Parameter Tampering
Posted Apr 2, 2019
Authored by Vikas Chaudhary

WordPress PayPal Checkout Payment Gateway plugin version 1.6.8 suffers from a parameter tampering vulnerability that allows for price manipulation.

tags | exploit
advisories | CVE-2019-7441
MD5 | 8c9e97b94611af5b67bfec589d9abccf
Chrome PaymentRequest Service Use-After-Free
Posted Feb 27, 2019
Authored by Google Security Research, Mark Brand

Chrome suffers from multiple use-after-free vulnerabilities in the PaymentRequest service.

tags | exploit, vulnerability
MD5 | 542901546f769fa6884fd395a1a3c73e
WordPress WooCommerce GloBee Payment Gateway 1.1.1 Bypass / Spoofing
Posted Feb 19, 2019
Authored by GeekHack

WordPress WooCommerce plugin with GloBee cryptocurrency payment gateway versions 1.1.1 and below suffer from payment bypass and unauthorized order status spoofing vulnerabilities.

tags | exploit, spoof, vulnerability, bypass
advisories | CVE-2018-20782
MD5 | a070536b50a013c2522b2ed38c52cccc
Card Payment 1.0 Cross Site Request Forgery
Posted Oct 29, 2018
Authored by Ihsan Sencan

Card Payment version 1.0 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | 688b39d1f9ec0a7ac5ab08a032506c09
eWallet Online Payment Gateway 2 Cross Site Request Forgery
Posted May 24, 2018
Authored by Borna Nematzadeh

eWallet Online Payment Gateway version 2 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | 11c2c9fbcd9ffc4cfa4a2ffd44921f1b
Bitcoin Cash Receive Payments 1.0 Cross Site Scripting
Posted Dec 30, 2017
Authored by ShanoWeb

The CoinPayments API in Bitcoin Cash Receive Payments version 1.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 42789bef05be6fea5b18960dbe4be86b
Magento Cross Site Requst Forgery / Cross Site Scripting
Posted Oct 5, 2017
Authored by DefenseCode, Bosko Stankovic

During a security audit of Magento Community Edition / Open Source and Commerce, cross site request forgery and stored cross site scripting vulnerabilities were discovered that could lead to administrator account takeover, putting the website customers and their payment information at risk. Versions affected include Magento CE 1 prior to 1.9.3.6, Magento Commerce prior to 1.14.3.6, Magento 2.0 prior to 2.0.16, and Magento 2.1 prior to 2.1.9.

tags | exploit, vulnerability, xss, csrf
MD5 | b8e9abcbfbba8f6e6349871a393da400
Magento Cross Site Requst Forgery / Cross Site Scripting
Posted Oct 4, 2017
Authored by DefenseCode, Bosko Stankovic

During a security audit of Magento Community Edition / Open Source and Commerce, cross site request forgery and stored cross site scripting vulnerabilities were discovered that could lead to administrator account takeover, putting the website customers and their payment information at risk. This is a second advisory from DefenseCode for the same software and vulnerabilities. Versions affected include Magento CE 1 prior to 1.9.3.6, Magento Commerce prior to 1.14.3.6, Magento 2.0 prior to 2.0.16, and Magento 2.1 prior to 2.1.9.

tags | exploit, vulnerability, xss, csrf
MD5 | 6fac5f12b988c5d618dd41e90f4d5591
Enterprise Edition Payment Processor Script 3.7 SQL Injection
Posted Sep 14, 2017
Authored by Ihsan Sencan

Enterprise Edition Payment Processor Script version 3.7 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 84f980440f89a387ade728a9ee590356
Apple Music Android Application Man-In-The-Middle
Posted Apr 6, 2017
Authored by David Coomber

The Apple Music Android application (version 1.2.1 and below) does not validate the SSL certificate received when connecting to the mobile application login and payment servers.

tags | advisory
systems | apple
advisories | CVE-2017-2387
MD5 | 77f6d3bf2a4d79ba1870023309aa385e
iTechScripts Payment Gateway Script 8.46 SQL Injection
Posted Jan 18, 2017
Authored by Hasan Emre Ozer

iTechScripts Payment Gateway Script version 8.46 suffers from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
MD5 | dcd3d2cd5da2caf853290c953094a0b3
WordPress Payment Form For PayPal Pro 1.0.1 XSS
Posted Oct 6, 2015
Authored by Iberia Medeiros

WordPress DWBooster Payment Form for PayPal Pro plugin version 1.0.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2015-7666
MD5 | 09bcaa1d6620bf662de0a134bec4ce00
PayPal Stored Cross Site Scripting
Posted Aug 28, 2015
Authored by Ebrahim Hegazy | Site vulnerability-lab.com

A stored cross site scripting vulnerability existed in the SecurePayment page on PayPal.

tags | exploit, xss
MD5 | dc78edd42716d9ae70a4124a9dec8d8c
PCI/DSS - Are The Controls Relevant?
Posted Nov 24, 2014
Authored by Lokesh Pidawekar

Whitepaper called PCI/DSS - Payment Card Industry / Data Security Standard - Are the controls relevant? This paper goes into detail on risk management plans, policies, standards, and practices.

tags | paper
MD5 | a068761429b05e5c2626f2af801817e1
Mpay24 Payment Module 1.5 Information Disclosure / SQL Injection
Posted Sep 3, 2014
Authored by Eldar Marcussen

Mpay24 Payment Module versions 1.5 and below suffer from information disclosure and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection, info disclosure
advisories | CVE-2014-2008, CVE-2014-2009
MD5 | d91cc4e0bea733e9fd33f4bedc70a421
Page 1 of 3
Back123Next

File Archive:

October 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    16 Files
  • 2
    Oct 2nd
    1 Files
  • 3
    Oct 3rd
    1 Files
  • 4
    Oct 4th
    24 Files
  • 5
    Oct 5th
    24 Files
  • 6
    Oct 6th
    11 Files
  • 7
    Oct 7th
    14 Files
  • 8
    Oct 8th
    19 Files
  • 9
    Oct 9th
    1 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    7 Files
  • 12
    Oct 12th
    15 Files
  • 13
    Oct 13th
    26 Files
  • 14
    Oct 14th
    10 Files
  • 15
    Oct 15th
    6 Files
  • 16
    Oct 16th
    2 Files
  • 17
    Oct 17th
    1 Files
  • 18
    Oct 18th
    14 Files
  • 19
    Oct 19th
    15 Files
  • 20
    Oct 20th
    20 Files
  • 21
    Oct 21st
    12 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close