{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2006-01-12T00:00:00", "descriptions": [{"lang": "en", "value": "Dave Nielsen and Patrick Breitenbach PayPal Web Services (aka PHP Toolkit) 0.50, and possibly earlier versions, allows remote attackers to enter false payment entries into the log file via HTTP POST requests to ipn_success.php."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2006-01-20T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "http://www.uinc.ru/articles/vuln/ptpaypal050.shtml"}, {"name": "18444", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/18444"}, {"name": "ADV-2006-0183", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2006/0183"}, {"name": "22378", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/22378"}, {"name": "16218", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/16218"}, {"name": "20060112 Multiple PHP Toolkit for PayPal Vulnerabilities", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/421739"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2006-0201", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Dave Nielsen and Patrick Breitenbach PayPal Web Services (aka PHP Toolkit) 0.50, and possibly earlier versions, allows remote attackers to enter false payment entries into the log file via HTTP POST requests to ipn_success.php."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://www.uinc.ru/articles/vuln/ptpaypal050.shtml", "refsource": "MISC", "url": "http://www.uinc.ru/articles/vuln/ptpaypal050.shtml"}, {"name": "18444", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18444"}, {"name": "ADV-2006-0183", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/0183"}, {"name": "22378", "refsource": "OSVDB", "url": "http://www.osvdb.org/22378"}, {"name": "16218", "refsource": "BID", "url": "http://www.securityfocus.com/bid/16218"}, {"name": "20060112 Multiple PHP Toolkit for PayPal Vulnerabilities", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/421739"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T16:25:33.971Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.uinc.ru/articles/vuln/ptpaypal050.shtml"}, {"name": "18444", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/18444"}, {"name": "ADV-2006-0183", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2006/0183"}, {"name": "22378", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/22378"}, {"name": "16218", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/16218"}, {"name": "20060112 Multiple PHP Toolkit for PayPal Vulnerabilities", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/421739"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2006-0201", "datePublished": "2006-01-13T23:00:00", "dateReserved": "2006-01-13T00:00:00", "dateUpdated": "2024-08-07T16:25:33.971Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:paypal:php_toolkit:*:*:*:*:*:*:*:*", "matchCriteriaId": "50D66514-FAC2-4E1B-AF92-4FEAE982EF8A", "versionEndIncluding": "0.50", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Dave Nielsen and Patrick Breitenbach PayPal Web Services (aka PHP Toolkit) 0.50, and possibly earlier versions, allows remote attackers to enter false payment entries into the log file via HTTP POST requests to ipn_success.php."}], "id": "CVE-2006-0201", "lastModified": "2011-03-08T02:29:34.347", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2006-01-13T23:03:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/18444"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/22378"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.securityfocus.com/archive/1/421739"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/16218"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.uinc.ru/articles/vuln/ptpaypal050.shtml"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2006/0183"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}