Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The PayPal (aka MODULE_PAYMENT_PAYPAL_STANDARD) module before 1.1 in osCommerce Online Merchant before 2.3.4 allows remote attackers to set the payment recipient via a modified value of the merchant's e-mail address, as demonstrated by setting the recipient to one's self.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
osCommerce Online Merchant 未明安全漏洞
Vulnerability Description
osCommerce是一套基于GNUGPL授权的开源在线购物电子商务解决方案。 osCommerce Online Merchant 2.3.4之前版本中的PayPal(又名MODULE_PAYMENT_PAYPAL_STANDARD)模块1.1之前版本中存在漏洞。远程攻击者可利用该漏洞通过修改商家的电子邮箱地址值,设置支付收件人,如设置自己为收件人。
CVSS Information
N/A
Vulnerability Type
N/A