CVE-2012-4934

TomatoCart 1.1.7, when the PayPal Express Checkout module is enabled in sandbox mode, allows remote authenticated users to bypass intended payment requirements by modifying a certain redirection URL.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
3.5 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:S/C:N/I:P/A:N
certccCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 59%
VendorProductVersion
tomatocarttomatocart
1.1.7
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://osvdb.org/86883
http://www.kb.cert.org/vuls/id/207540
http://www.securityfocus.com/bid/56333
https://exchange.xforce.ibmcloud.com/vulnerabilities/79696
http://osvdb.org/86883
http://www.kb.cert.org/vuls/id/207540
http://www.securityfocus.com/bid/56333
https://exchange.xforce.ibmcloud.com/vulnerabilities/79696