Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-0201

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2006-0201
Last Modified 07 Mar 2011 09:29:34
Published 13 Jan 2006 06:03:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-0201

Summary

Dave Nielsen and Patrick Breitenbach PayPal Web Services (aka PHP Toolkit) 0.50, and possibly earlier versions, allows remote attackers to enter false payment entries into the log file via HTTP POST requests to ipn_success.php.

Vulnerable Systems

Application

  • Paypal Php Toolkit 0.50


References

VUPEN - ADV-2006-0183

MISC - http://www.uinc.ru/articles/vuln/ptpaypal050.shtml

BID - 16218

BUGTRAQ - 20060112 Multiple PHP Toolkit for PayPal Vulnerabilities

SECUNIA - 18444

OSVDB - 22378


Last Updated: 27 May 2016 10:41:34