RSS   Vulnerabilities for 'Payflow link'   RSS

2005-01-10
 
CVE-2004-1209

 

 
Verisign Payflow Link, when running with empty Accepted URL fields, does not properly verify the data in the hidden AMOUNT field, which allows remote attackers to modify the price of the items that they purchase.

 

 >>> Vendor: Verisign 4 Products
Payflow link
MPKI
I-nav
Kontiki delivery management system


Copyright 2024, cxsecurity.com

 

Back to Top