Filtered by vendor Ebay
Subscribe
Total
4 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-26107 | 1 Ebay | 1 Sketchsvg | 2024-11-21 | N/A | 6.9 MEDIUM |
All versions of the package sketchsvg are vulnerable to Arbitrary Code Injection when invoking shell.exec without sanitization nor parametrization while concatenating the current directory as part of the command string. | |||||
CVE-2010-4211 | 2 Apple, Ebay | 2 Iphone Os, Paypal | 2024-11-21 | 2.9 LOW | N/A |
The PayPal app before 3.0.1 for iOS does not verify that the server hostname matches the domain name of the subject of an X.509 certificate, which allows man-in-the-middle attackers to spoof a PayPal web server via an arbitrary certificate. | |||||
CVE-2008-2475 | 1 Ebay | 1 Enhanced Picture Uploader Activex Control | 2024-11-21 | 9.3 HIGH | N/A |
eBay Enhanced Picture Uploader ActiveX control (EPUWALcontrol.dll) before 1.0.27 allows remote attackers to execute arbitrary commands via the PictureUrls property. | |||||
CVE-2006-1176 | 1 Ebay | 1 Enhanced Picture Services | 2024-11-21 | 7.5 HIGH | N/A |
Buffer overflow in eBay Enhanced Picture Services (aka EPUImageControl Class) in EUPWALcontrol.dll before 1.0.3.48, as used in Sell Your Item (SYI), Setup & Test eBay Enhanced Picture Services, Picture Manager Enhanced Uploader, and CARad.com Add Vehicle, allows remote attackers to execute arbitrary code via a crafted HTML document. |