CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-7992

Heartland Payment Systems Payment Gateway PHP SDK hps/heartland-php v2.8.17 is vulnerable to a reflected XSS in examples/consumer-authentication/cruise.php via the URI, as demonstrated by the cavv parameter.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 46.0%

CVSS Severity

CVSS v3 Score 6.1

CVSS v2 Score 4.3

References

Products affected by CVE-2017-7992

Heartland Payment Systems » Heartland-Php » Version: N/A

cpe:2.3:a:heartland_payment_systems:heartland-php:-
Heartland Payment Systems » Heartland-Php » Version: 2.0.2

cpe:2.3:a:heartland_payment_systems:heartland-php:2.0.2
Heartland Payment Systems » Heartland-Php » Version: 2.1.1

cpe:2.3:a:heartland_payment_systems:heartland-php:2.1.1
Heartland Payment Systems » Heartland-Php » Version: 2.2.1

cpe:2.3:a:heartland_payment_systems:heartland-php:2.2.1
Heartland Payment Systems » Heartland-Php » Version: 2.3.1

cpe:2.3:a:heartland_payment_systems:heartland-php:2.3.1
Heartland Payment Systems » Heartland-Php » Version: 2.4.1

cpe:2.3:a:heartland_payment_systems:heartland-php:2.4.1
Heartland Payment Systems » Heartland-Php » Version: 2.5.1

cpe:2.3:a:heartland_payment_systems:heartland-php:2.5.1
Heartland Payment Systems » Heartland-Php » Version: 2.6.1

cpe:2.3:a:heartland_payment_systems:heartland-php:2.6.1
Heartland Payment Systems » Heartland-Php » Version: 2.7.1

cpe:2.3:a:heartland_payment_systems:heartland-php:2.7.1
Heartland Payment Systems » Heartland-Php » Version: 2.8.1

cpe:2.3:a:heartland_payment_systems:heartland-php:2.8.1
Heartland Payment Systems » Heartland-Php » Version: 2.8.10

cpe:2.3:a:heartland_payment_systems:heartland-php:2.8.10
Heartland Payment Systems » Heartland-Php » Version: 2.8.11

cpe:2.3:a:heartland_payment_systems:heartland-php:2.8.11
Heartland Payment Systems » Heartland-Php » Version: 2.8.12

cpe:2.3:a:heartland_payment_systems:heartland-php:2.8.12
Heartland Payment Systems » Heartland-Php » Version: 2.8.13

cpe:2.3:a:heartland_payment_systems:heartland-php:2.8.13
Heartland Payment Systems » Heartland-Php » Version: 2.8.14

cpe:2.3:a:heartland_payment_systems:heartland-php:2.8.14
Heartland Payment Systems » Heartland-Php » Version: 2.8.15

cpe:2.3:a:heartland_payment_systems:heartland-php:2.8.15
Heartland Payment Systems » Heartland-Php » Version: 2.8.16

cpe:2.3:a:heartland_payment_systems:heartland-php:2.8.16
Heartland Payment Systems » Heartland-Php » Version: 2.8.17

cpe:2.3:a:heartland_payment_systems:heartland-php:2.8.17
Heartland Payment Systems » Heartland-Php » Version: 2.8.2

cpe:2.3:a:heartland_payment_systems:heartland-php:2.8.2
Heartland Payment Systems » Heartland-Php » Version: 2.8.3

cpe:2.3:a:heartland_payment_systems:heartland-php:2.8.3
Heartland Payment Systems » Heartland-Php » Version: 2.8.4

cpe:2.3:a:heartland_payment_systems:heartland-php:2.8.4
Heartland Payment Systems » Heartland-Php » Version: 2.8.5

cpe:2.3:a:heartland_payment_systems:heartland-php:2.8.5
Heartland Payment Systems » Heartland-Php » Version: 2.8.6

cpe:2.3:a:heartland_payment_systems:heartland-php:2.8.6
Heartland Payment Systems » Heartland-Php » Version: 2.8.7

cpe:2.3:a:heartland_payment_systems:heartland-php:2.8.7
Heartland Payment Systems » Heartland-Php » Version: 2.8.8

cpe:2.3:a:heartland_payment_systems:heartland-php:2.8.8
Heartland Payment Systems » Heartland-Php » Version: 2.8.9

cpe:2.3:a:heartland_payment_systems:heartland-php:2.8.9

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-7992

Products

Pricing

Contact Us