Php Toolkit
Approved changes feed: RSS · Atom
cpe:2.3:a:paypal:php_toolkit:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Paypal (2b642d37-639a-5154-8381-bcda0f140bab) |
|---|---|
| Product | Php Toolkit (fe70df90-3652-5444-8c46-f4201fe1bb9f) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2006-0202 |
vulnerable | 2026-06-03 14:27:20.150766 |
Details available
Dave Nielsen and Patrick Breitenbach PayPal Web Services (aka PHP Toolkit) 0.50 and possibly earlier has (1) world-readable permissions for ipn/logs/ipn_success.txt, which allows local users to view sensitive information (payment data), and (2) world-writable permissions for ipn/logs, which allows local users to delete or replace payment data.
Published: 2006-01-13T23:00:00.000Z
Updated: 2024-08-07T16:25:34.008Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2006-0201 |
vulnerable | 2026-06-03 14:27:20.150335 |
Details available
Dave Nielsen and Patrick Breitenbach PayPal Web Services (aka PHP Toolkit) 0.50, and possibly earlier versions, allows remote attackers to enter false payment entries into the log file via HTTP POST requests to ipn_success.php.
Published: 2006-01-13T23:00:00.000Z
Updated: 2024-08-07T16:25:33.971Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.