Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2013-0118

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2013-0118
Last Modified 25 Feb 2013 12:00:00
Published 24 Feb 2013 06:48:21
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2013-0118

Summary

CS-Cart before 3.0.6, when PayPal Standard Payments is configured, allows remote attackers to set the payment recipient via a modified value of the merchant's e-mail address, as demonstrated by setting the recipient to one's self.

Vulnerable Systems

Application

  • Cs-cart 3.0

  • Cs-cart 3.0.2

  • Cs-cart 3.0.3

  • Cs-cart 3.0.4

  • Cs-cart 3.0.5


References

CERT-VN - VU#583564

CONFIRM - http://www.kb.cert.org/vuls/id/BLUU-949PQL

Related Patches

Apple 2015-004 Security Update for Mac OS X 10.8.5 (HT204659)

Apple 2015-004 Security Update for Mac OS X 10.9.5 (HT204659)

Apple Yosemite 10.10.3 Update (Combo) for Mac OS X (HT204659)

Apple Yosemite 10.10.3 Update for Mac OS X (HT204659)


Last Updated: 27 May 2016 11:01:57