Web Application Security
Back to list
*Note: Email address will appear as "user domain ext" to prevent harvesting.
PayPal Manager Admin Account Hijack
May 15 2014 01:48AM
Mark Litchfield (mark securatary com)
I have just released a new vulnerability at
http://www.securatary.com/vulnerabilities outlining a hack on
http://manager.paypal.com that in the end allowed full admin access.
PayPal were very quick to fix this issue, so nice job PayPal Security /
All the best
[ more ]
Copyright 2010, SecurityFocus