VYPR
Vendor

Ebay

Products
6
CVEs
6
Across products
6
Status
Private

Products

6

Recent CVEs

6
  • CVE-2023-28843Mar 31, 2023
    risk 0.00cvss epss 0.01

    PrestaShop/paypal is an open source module for the PrestaShop web commerce ecosystem which provides paypal payment support. A SQL injection vulnerability found in the PrestaShop paypal module from release from 3.12.0 to and including 3.16.3 allow a remote attacker to gain…

  • CVE-2014-5612Sep 9, 2014
    risk 0.00cvss epss 0.00

    The Gmarket (aka com.ebay.kr.gmarket) application 5.1.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

  • CVE-2014-5611Sep 9, 2014
    risk 0.00cvss epss 0.00

    The eBay Kleinanzeigen for Germany (aka com.ebay.kleinanzeigen) application 5.0.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

  • CVE-2010-4211Nov 9, 2010
    risk 0.00cvss epss 0.00

    The PayPal app before 3.0.1 for iOS does not verify that the server hostname matches the domain name of the subject of an X.509 certificate, which allows man-in-the-middle attackers to spoof a PayPal web server via an arbitrary certificate.

  • CVE-2008-2475Jun 9, 2009
    risk 0.00cvss epss 0.04

    eBay Enhanced Picture Uploader ActiveX control (EPUWALcontrol.dll) before 1.0.27 allows remote attackers to execute arbitrary commands via the PictureUrls property.

  • CVE-2006-1176Jul 8, 2006
    risk 0.00cvss epss 0.05

    Buffer overflow in eBay Enhanced Picture Services (aka EPUImageControl Class) in EUPWALcontrol.dll before 1.0.3.48, as used in Sell Your Item (SYI), Setup & Test eBay Enhanced Picture Services, Picture Manager Enhanced Uploader, and CARad.com Add Vehicle, allows remote attackers…