The Hacka Man
Thursday, November 1, 2007
Paypal CRMgateway XSS
Paypal used to suffer from a lot from phishing attacks in the past and i bet even today, the bad guys are finding ways to exploit this hole to get more money. I was again playing around and i managed to find a XSS hole in paypal's crmgateway. Well, it seems like paypal never learn their lesson in the past and still allows for injections. Anyway, i had already cancelled my account with paypal because of their bad service and unforgivable mistake they made. Good luck paypal.
The Hacka Man
The Hacka Man
Subscribe to:
Post Comments (Atom)
7 comments:
big LOL.
Really.. i can´t undestand how web´s like (specialy)paypal have this flags of security...
Really SAD.
Cheers,
Its normal
hackathology
I have a question, does the parameter you modified gets stored in their database or it's just one parameter used during the displaying?
its not stored on the database but however it is recorded in the web server logs
hackathology
it´s normal? dont fuc...!
I can´t undestand you how you use IE :P
it's probably just a parameter set to print out on screen, XSS does not constitute anything if it does not go into persistent storage or has a means to be sent to a 3rd party. that said if you put a bad code in that javascript the only person who will see it is YOU. this ain't a valid XSS issue in practical sense. many sites pass error messages this way FYI.
SEO まだわかりません。 着サイト情報は
SEO対策で サイトの問題点を比較・分析、効果的なSEO対策を行って、または
seoツールにご利用下さい、このサイト検索エンジンの地位があります。
seoツール
SEO
SEO対策
SEO
SEO対策
SEO
SEO対策
SEO
SEO対策
SEO
SEO対策
SEO
SEO対策
SEO
SEO対策
SEO
SEO対策
SEO
SEO対策
SEO
SEO対策
SEO
SEO対策
SEO
SEO対策
SEO
SEO対策
Post a Comment