Product

Google Checkout Php 1.3.0


View All Versions

Security Grade

439

of 1000

SECURITY GRADE

Vulnerability History

Weakness Analysis

Related Vulnerabilities

Vulnerability Severity Score Release Date Summary
CVE-2011-5238 5.8 Nov. 6, 2012

google-checkout-php-sample-code before 1.3.2 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.

Followers