CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,638 vulnerabilities with CWE-20
CVE-2012-5807
Zen Cart Authorize.Net eCheck Module - Man-in-the-Middle Attack via Unvalidated SSL Certificate
CVE-2012-5806
PayPal Payments Pro - Man-in-the-Middle Attack via Improper Certificate Validation
CVE-2012-5805
Zen Cart PayPal IPN - Certificate Hostname Validation Bypass
CVE-2012-5804
CyberSource Module for Ubercart - Man-in-the-Middle Attack via Improper Certificate Validation
CVE-2012-5803
Ubercart Authorize.Net Module - Man-in-the-Middle Attack via SSL Certificate Spoofing
CVE-2012-5802
Ubercart PayPal Module - Server Certificate Hostname Validation Bypass
CVE-2012-5801
PrestaShop PayPal Module - Man-in-the-Middle Attack via SSL Certificate Spoofing
CVE-2012-5800
PrestaShop eBay Module - SSL Certificate Hostname Validation Bypass
CVE-2012-5799
PrestaShop Canada Post Module - Server Certificate Hostname Validation Bypass via fsockopen
CVE-2012-5798
osCommerce PayPal Pro PayFlow EC Module - SSL Certificate Hostname Validation Bypass
CVE-2012-5797
osCommerce PayPal Pro PayFlow Module - Man-in-the-Middle Attack via Improper Certificate Validation
CVE-2012-5796
osCommerce PayPal Pro Module - Server Certificate Hostname Validation Bypass
CVE-2012-5795
osCommerce PayPal Express Module - Man-in-the-Middle Attack via Unverified SSL Certificate
CVE-2012-5794
MoneyBookers - Man-in-the-Middle Attack via SSL Certificate Hostname Mismatch
CVE-2012-5793
osCommerce Authorize.Net Module - Man-in-the-Middle Attack via Improper Certificate Validation
CVE-2012-5792
osCommerce Sage Pay Direct Module - Man-in-the-Middle Attack via Unverified SSL Certificate
CVE-2012-5791
PayPal Invoicing - Man-in-the-Middle Attack via Unverified X.509 Certificate
CVE-2012-5790
PayPal Payments Standard PHP Library 20120427 - Improper Certificate Validation
CVE-2012-5789
PayPal Payments Standard PHP Library - Improper Certificate Validation
CVE-2012-5788
PayPal IPN - Server Certificate Hostname Validation Bypass via fsockopen
CVE-2012-5787
PayPal merchant_sdk - Improper Certificate Validation
CVE-2012-5786
Apache CXF < 2.6.17 - Man-in-the-Middle Attack via Improper Certificate Validation
CVE-2012-5785
Apache Axis2/Java < 1.6.2 - Man-in-the-Middle Attack via Unverified X.509 Certificate
CVE-2012-5784
Apache Axis <= 1.4 - Man-in-the-Middle Attack via SSL Certificate Hostname Mismatch
CVE-2012-5782
Amazon Flexible Payments Service PHP Library - SSL Server Spoofing via Improper Certificate Validation
Details
Vulnerabilities 12,638
Exploit Likelihood High