Web Application Security
Name:
Email:
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Subject:
Message:
 
PayPal Manager Admin Account Hijack May 15 2014 01:48AM
Mark Litchfield (mark securatary com)
Hi All,

I have just released a new vulnerability at
http://www.securatary.com/vulnerabilities outlining a hack on
http://manager.paypal.com that in the end allowed full admin access.

PayPal were very quick to fix this issue, so nice job PayPal Security /
Engineering team

--
All the best

Mark...

[ more ]  
 

Privacy Statement
Copyright 2010, SecurityFocus