Vulnerabilities (CVE)

Filtered by vendor Ebay Subscribe
Total 4 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-26107 1 Ebay 1 Sketchsvg 2024-11-21 N/A 6.9 MEDIUM
All versions of the package sketchsvg are vulnerable to Arbitrary Code Injection when invoking shell.exec without sanitization nor parametrization while concatenating the current directory as part of the command string.
CVE-2010-4211 2 Apple, Ebay 2 Iphone Os, Paypal 2024-11-21 2.9 LOW N/A
The PayPal app before 3.0.1 for iOS does not verify that the server hostname matches the domain name of the subject of an X.509 certificate, which allows man-in-the-middle attackers to spoof a PayPal web server via an arbitrary certificate.
CVE-2008-2475 1 Ebay 1 Enhanced Picture Uploader Activex Control 2024-11-21 9.3 HIGH N/A
eBay Enhanced Picture Uploader ActiveX control (EPUWALcontrol.dll) before 1.0.27 allows remote attackers to execute arbitrary commands via the PictureUrls property.
CVE-2006-1176 1 Ebay 1 Enhanced Picture Services 2024-11-21 7.5 HIGH N/A
Buffer overflow in eBay Enhanced Picture Services (aka EPUImageControl Class) in EUPWALcontrol.dll before 1.0.3.48, as used in Sell Your Item (SYI), Setup & Test eBay Enhanced Picture Services, Picture Manager Enhanced Uploader, and CARad.com Add Vehicle, allows remote attackers to execute arbitrary code via a crafted HTML document.