Sylius paypal-plugin 1.2.4/1.3.1 Payment Page /pay-with-paypal/{id} sylius_paypal_plugin_pay_with_paypal_form information disclosure

A vulnerability, which was classified as problematic, has been found in Sylius paypal-plugin 1.2.4/1.3.1. This issue affects the function sylius_paypal_plugin_pay_with_paypal_form of the file /pay-with-paypal/{id} of the component Payment Page. Applying the patch 2adc46be2764ccee22b4247139b8056fb8d1afff is able to eliminate this problem. The bugfix is ready for download at github.com.

Common Vulnerabilityies and Exposures

Contact us to get started

CVE-2024-12840 : RED HAT SATELLITE HTTP PROXY SERVER-SIDE REQUEST FORGERY

CVE-2024-12840 : RED HAT SATELLITE HTTP PROXY SERVER-SIDE REQUEST FORGERY

Description A server-side request forgery exists in Satellite. When a PUT HTTP request is made to /http_proxies/test_connection, when supplied with

CVE-2024-51466 : IBM COGNOS ANALYTICS UP TO 11.2.4 FP4/12.0.4 EL EXPRESSION LANGUAGE INJECTION

CVE-2024-51466 : IBM COGNOS ANALYTICS UP TO 11.2.4 FP4/12.0.4 EL EXPRESSION LANGUAGE INJECTION

Description IBM Cognos Analytics 11.2.0 through 11.2.4 FP4 and 12.0.0 through 12.0.4 is vulnerable to an Expression Language (EL) Injection

CVE-2024-28767 : IBM SECURITY DIRECTORY INTEGRATOR UP TO 7.2.0.13/10.0.3 REQUEST OS COMMAND INJECTION

CVE-2024-28767 : IBM SECURITY DIRECTORY INTEGRATOR UP TO 7.2.0.13/10.0.3 REQUEST OS COMMAND INJECTION

Description IBM Security Directory Integrator 7.2.0 through 7.2.0.13 and 10.0.0 through 10.0.3 could allow a remote authenticated attacker to execute