NVD

Id
44669  
Name
CVE-2012-2991  
Description
The PayPal (aka MODULE_PAYMENT_PAYPAL_STANDARD) module before 1.1 in osCommerce Online Merchant before 2.3.4 allows remote attackers to set the payment recipient via a modified value of the merchant"s e-mail address, as demonstrated by setting the recipient to one"s self.  
Reject
 
CVSS Version
2  
CVSS Score
5  
Severity
Medium  
CVSS Base Score
5  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:N/I:P/A:N)  
Pub Date
2017-01-19  
Published
2012-09-19  
Modified Date
2013-03-01  
Seq
2012-2991  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
224198 44669 CVE-2012-2991 VU#459446  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
28771 JVNDB-2012-004478 PayPal Website Payments Standard を使用している osCommerce Online Merchant に検証不備の脆弱性 PayPal Website Payments Standard アドオンを使用している osCommerce Online Merchant には、検証不備の脆弱性が存在します。 CVE-2012-2991 56229 CVE-2012-2991 44669 5 http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004478.html 2012-09-19 2012-09-27 View