SQL Injection Vulnerability Affects PayPal Payment Systems
CVE-2024-33959
7.5HIGH
What is CVE-2024-33959?
The vulnerability presents an SQL injection flaw within the PayPal Credit Card and Debit Card Payment System, specifically affecting version 1.0. By crafting malicious SQL queries and targeting the 'categ' parameter in the '/admin/mod_reports/printreport.php' endpoint, an attacker could potentially access sensitive information stored in the database, leading to unauthorized data exposure. This exploitation highlights the importance of proper input validation and sanitization in web applications to mitigate such vulnerabilities.
Affected Version(s)
Janobe Debit Card Payment 1.0
Janobe PayPal 1.0
Janove Credit Card 1.0