CVE-2006-0201
First published: Fri Jan 13 2006(Updated: )
Dave Nielsen and Patrick Breitenbach PayPal Web Services (aka PHP Toolkit) 0.50, and possibly earlier versions, allows remote attackers to enter false payment entries into the log file via HTTP POST requests to ipn_success.php.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| PayPal WPS ToolKit | <=0.50 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2006-0201?
CVE-2006-0201 is classified as a medium severity vulnerability due to its potential to allow unauthorized payment logging.
How do I fix CVE-2006-0201?
To address CVE-2006-0201, upgrade to a version of PayPal PHP Toolkit that is newer than 0.50.
What impact does CVE-2006-0201 have?
CVE-2006-0201 allows remote attackers to manipulate payment logs, which can lead to fraudulent entries.
Which versions are affected by CVE-2006-0201?
CVE-2006-0201 affects PayPal PHP Toolkit version 0.50 and possibly earlier versions.
Is CVE-2006-0201 a web-based vulnerability?
Yes, CVE-2006-0201 is a web-based vulnerability that involves HTTP POST requests.
- agent/references
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/severity
- agent/author
- agent/weakness
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-historical
- vendor/paypal
- canonical/paypal wps toolkit
- version/paypal wps toolkit/0.50