CVE-2013-0118

Name of the Vulnerable Software and Affected Versions CS-Cart versions prior to 3.0.6

Description The issue allows remote attackers to modify the payment recipient when PayPal Standard Payments is configured. This is achieved by altering the merchant's e-mail address, potentially allowing an attacker to redirect payments to themselves.

Recommendations For versions prior to 3.0.6, update to version 3.0.6 or later to resolve the issue. As a temporary workaround, consider restricting access to the PayPal Standard Payments configuration until the update is applied.