Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
4 vulnerabilities found for php_toolkit by paypal
CVE-2006-0202 (GCVE-0-2006-0202)
Vulnerability from nvd – Published: 2006-01-13 23:00 – Updated: 2024-08-07 16:25
VLAI
Summary
Dave Nielsen and Patrick Breitenbach PayPal Web Services (aka PHP Toolkit) 0.50 and possibly earlier has (1) world-readable permissions for ipn/logs/ipn_success.txt, which allows local users to view sensitive information (payment data), and (2) world-writable permissions for ipn/logs, which allows local users to delete or replace payment data.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://www.osvdb.org/22379 | vdb-entryx_refsource_OSVDB |
| http://www.uinc.ru/articles/vuln/ptpaypal050.shtml | x_refsource_MISC |
| http://secunia.com/advisories/18444 | third-party-advisoryx_refsource_SECUNIA |
| http://www.vupen.com/english/advisories/2006/0183 | vdb-entryx_refsource_VUPEN |
| http://www.securityfocus.com/bid/16218 | vdb-entryx_refsource_BID |
| http://www.securityfocus.com/archive/1/421739 | mailing-listx_refsource_BUGTRAQ |
Date Public
2006-01-12 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:25:34.008Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "22379",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/22379"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.uinc.ru/articles/vuln/ptpaypal050.shtml"
},
{
"name": "18444",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18444"
},
{
"name": "ADV-2006-0183",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/0183"
},
{
"name": "16218",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/16218"
},
{
"name": "20060112 Multiple PHP Toolkit for PayPal Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/421739"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-01-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Dave Nielsen and Patrick Breitenbach PayPal Web Services (aka PHP Toolkit) 0.50 and possibly earlier has (1) world-readable permissions for ipn/logs/ipn_success.txt, which allows local users to view sensitive information (payment data), and (2) world-writable permissions for ipn/logs, which allows local users to delete or replace payment data."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2006-01-20T10:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "22379",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/22379"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.uinc.ru/articles/vuln/ptpaypal050.shtml"
},
{
"name": "18444",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18444"
},
{
"name": "ADV-2006-0183",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/0183"
},
{
"name": "16218",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/16218"
},
{
"name": "20060112 Multiple PHP Toolkit for PayPal Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/421739"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-0202",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Dave Nielsen and Patrick Breitenbach PayPal Web Services (aka PHP Toolkit) 0.50 and possibly earlier has (1) world-readable permissions for ipn/logs/ipn_success.txt, which allows local users to view sensitive information (payment data), and (2) world-writable permissions for ipn/logs, which allows local users to delete or replace payment data."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "22379",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/22379"
},
{
"name": "http://www.uinc.ru/articles/vuln/ptpaypal050.shtml",
"refsource": "MISC",
"url": "http://www.uinc.ru/articles/vuln/ptpaypal050.shtml"
},
{
"name": "18444",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18444"
},
{
"name": "ADV-2006-0183",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0183"
},
{
"name": "16218",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16218"
},
{
"name": "20060112 Multiple PHP Toolkit for PayPal Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/421739"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-0202",
"datePublished": "2006-01-13T23:00:00.000Z",
"dateReserved": "2006-01-13T00:00:00.000Z",
"dateUpdated": "2024-08-07T16:25:34.008Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-0201 (GCVE-0-2006-0201)
Vulnerability from nvd – Published: 2006-01-13 23:00 – Updated: 2024-08-07 16:25
VLAI
Summary
Dave Nielsen and Patrick Breitenbach PayPal Web Services (aka PHP Toolkit) 0.50, and possibly earlier versions, allows remote attackers to enter false payment entries into the log file via HTTP POST requests to ipn_success.php.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://www.uinc.ru/articles/vuln/ptpaypal050.shtml | x_refsource_MISC |
| http://secunia.com/advisories/18444 | third-party-advisoryx_refsource_SECUNIA |
| http://www.vupen.com/english/advisories/2006/0183 | vdb-entryx_refsource_VUPEN |
| http://www.osvdb.org/22378 | vdb-entryx_refsource_OSVDB |
| http://www.securityfocus.com/bid/16218 | vdb-entryx_refsource_BID |
| http://www.securityfocus.com/archive/1/421739 | mailing-listx_refsource_BUGTRAQ |
Date Public
2006-01-12 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:25:33.971Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.uinc.ru/articles/vuln/ptpaypal050.shtml"
},
{
"name": "18444",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18444"
},
{
"name": "ADV-2006-0183",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/0183"
},
{
"name": "22378",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/22378"
},
{
"name": "16218",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/16218"
},
{
"name": "20060112 Multiple PHP Toolkit for PayPal Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/421739"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-01-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Dave Nielsen and Patrick Breitenbach PayPal Web Services (aka PHP Toolkit) 0.50, and possibly earlier versions, allows remote attackers to enter false payment entries into the log file via HTTP POST requests to ipn_success.php."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2006-01-20T10:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.uinc.ru/articles/vuln/ptpaypal050.shtml"
},
{
"name": "18444",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18444"
},
{
"name": "ADV-2006-0183",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/0183"
},
{
"name": "22378",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/22378"
},
{
"name": "16218",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/16218"
},
{
"name": "20060112 Multiple PHP Toolkit for PayPal Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/421739"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-0201",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Dave Nielsen and Patrick Breitenbach PayPal Web Services (aka PHP Toolkit) 0.50, and possibly earlier versions, allows remote attackers to enter false payment entries into the log file via HTTP POST requests to ipn_success.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.uinc.ru/articles/vuln/ptpaypal050.shtml",
"refsource": "MISC",
"url": "http://www.uinc.ru/articles/vuln/ptpaypal050.shtml"
},
{
"name": "18444",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18444"
},
{
"name": "ADV-2006-0183",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0183"
},
{
"name": "22378",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/22378"
},
{
"name": "16218",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16218"
},
{
"name": "20060112 Multiple PHP Toolkit for PayPal Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/421739"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-0201",
"datePublished": "2006-01-13T23:00:00.000Z",
"dateReserved": "2006-01-13T00:00:00.000Z",
"dateUpdated": "2024-08-07T16:25:33.971Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-0202 (GCVE-0-2006-0202)
Vulnerability from cvelistv5 – Published: 2006-01-13 23:00 – Updated: 2024-08-07 16:25
VLAI
Summary
Dave Nielsen and Patrick Breitenbach PayPal Web Services (aka PHP Toolkit) 0.50 and possibly earlier has (1) world-readable permissions for ipn/logs/ipn_success.txt, which allows local users to view sensitive information (payment data), and (2) world-writable permissions for ipn/logs, which allows local users to delete or replace payment data.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://www.osvdb.org/22379 | vdb-entryx_refsource_OSVDB |
| http://www.uinc.ru/articles/vuln/ptpaypal050.shtml | x_refsource_MISC |
| http://secunia.com/advisories/18444 | third-party-advisoryx_refsource_SECUNIA |
| http://www.vupen.com/english/advisories/2006/0183 | vdb-entryx_refsource_VUPEN |
| http://www.securityfocus.com/bid/16218 | vdb-entryx_refsource_BID |
| http://www.securityfocus.com/archive/1/421739 | mailing-listx_refsource_BUGTRAQ |
Date Public
2006-01-12 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:25:34.008Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "22379",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/22379"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.uinc.ru/articles/vuln/ptpaypal050.shtml"
},
{
"name": "18444",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18444"
},
{
"name": "ADV-2006-0183",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/0183"
},
{
"name": "16218",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/16218"
},
{
"name": "20060112 Multiple PHP Toolkit for PayPal Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/421739"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-01-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Dave Nielsen and Patrick Breitenbach PayPal Web Services (aka PHP Toolkit) 0.50 and possibly earlier has (1) world-readable permissions for ipn/logs/ipn_success.txt, which allows local users to view sensitive information (payment data), and (2) world-writable permissions for ipn/logs, which allows local users to delete or replace payment data."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2006-01-20T10:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "22379",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/22379"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.uinc.ru/articles/vuln/ptpaypal050.shtml"
},
{
"name": "18444",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18444"
},
{
"name": "ADV-2006-0183",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/0183"
},
{
"name": "16218",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/16218"
},
{
"name": "20060112 Multiple PHP Toolkit for PayPal Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/421739"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-0202",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Dave Nielsen and Patrick Breitenbach PayPal Web Services (aka PHP Toolkit) 0.50 and possibly earlier has (1) world-readable permissions for ipn/logs/ipn_success.txt, which allows local users to view sensitive information (payment data), and (2) world-writable permissions for ipn/logs, which allows local users to delete or replace payment data."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "22379",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/22379"
},
{
"name": "http://www.uinc.ru/articles/vuln/ptpaypal050.shtml",
"refsource": "MISC",
"url": "http://www.uinc.ru/articles/vuln/ptpaypal050.shtml"
},
{
"name": "18444",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18444"
},
{
"name": "ADV-2006-0183",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0183"
},
{
"name": "16218",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16218"
},
{
"name": "20060112 Multiple PHP Toolkit for PayPal Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/421739"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-0202",
"datePublished": "2006-01-13T23:00:00.000Z",
"dateReserved": "2006-01-13T00:00:00.000Z",
"dateUpdated": "2024-08-07T16:25:34.008Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-0201 (GCVE-0-2006-0201)
Vulnerability from cvelistv5 – Published: 2006-01-13 23:00 – Updated: 2024-08-07 16:25
VLAI
Summary
Dave Nielsen and Patrick Breitenbach PayPal Web Services (aka PHP Toolkit) 0.50, and possibly earlier versions, allows remote attackers to enter false payment entries into the log file via HTTP POST requests to ipn_success.php.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://www.uinc.ru/articles/vuln/ptpaypal050.shtml | x_refsource_MISC |
| http://secunia.com/advisories/18444 | third-party-advisoryx_refsource_SECUNIA |
| http://www.vupen.com/english/advisories/2006/0183 | vdb-entryx_refsource_VUPEN |
| http://www.osvdb.org/22378 | vdb-entryx_refsource_OSVDB |
| http://www.securityfocus.com/bid/16218 | vdb-entryx_refsource_BID |
| http://www.securityfocus.com/archive/1/421739 | mailing-listx_refsource_BUGTRAQ |
Date Public
2006-01-12 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:25:33.971Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.uinc.ru/articles/vuln/ptpaypal050.shtml"
},
{
"name": "18444",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18444"
},
{
"name": "ADV-2006-0183",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/0183"
},
{
"name": "22378",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/22378"
},
{
"name": "16218",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/16218"
},
{
"name": "20060112 Multiple PHP Toolkit for PayPal Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/421739"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-01-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Dave Nielsen and Patrick Breitenbach PayPal Web Services (aka PHP Toolkit) 0.50, and possibly earlier versions, allows remote attackers to enter false payment entries into the log file via HTTP POST requests to ipn_success.php."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2006-01-20T10:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.uinc.ru/articles/vuln/ptpaypal050.shtml"
},
{
"name": "18444",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18444"
},
{
"name": "ADV-2006-0183",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/0183"
},
{
"name": "22378",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/22378"
},
{
"name": "16218",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/16218"
},
{
"name": "20060112 Multiple PHP Toolkit for PayPal Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/421739"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-0201",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Dave Nielsen and Patrick Breitenbach PayPal Web Services (aka PHP Toolkit) 0.50, and possibly earlier versions, allows remote attackers to enter false payment entries into the log file via HTTP POST requests to ipn_success.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.uinc.ru/articles/vuln/ptpaypal050.shtml",
"refsource": "MISC",
"url": "http://www.uinc.ru/articles/vuln/ptpaypal050.shtml"
},
{
"name": "18444",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18444"
},
{
"name": "ADV-2006-0183",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0183"
},
{
"name": "22378",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/22378"
},
{
"name": "16218",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16218"
},
{
"name": "20060112 Multiple PHP Toolkit for PayPal Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/421739"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-0201",
"datePublished": "2006-01-13T23:00:00.000Z",
"dateReserved": "2006-01-13T00:00:00.000Z",
"dateUpdated": "2024-08-07T16:25:33.971Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}