← Back

Paypal Pro

paypal_pro

Vendor: Paypal • 1 CVE

CVEs (1)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2012-5796
2Oscommerce
Paypal
2Oscommerce
Paypal Pro
Apr 29, 2026
Nov 4, 2012
N/A· v4
N/A· v3
5.8 MEDIUM· v2
The PayPal Pro module in osCommerce does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attack...Show more
The PayPal Pro module in osCommerce does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.Show less