WebApp Sec mailing list archives
PayPal Manager Admin Account Hijack
From: Mark Litchfield <mark () securatary com>
Date: Wed, 14 May 2014 18:48:19 -0700
Hi All,I have just released a new vulnerability at http://www.securatary.com/vulnerabilities outlining a hack on http://manager.paypal.com that in the end allowed full admin access.
PayPal were very quick to fix this issue, so nice job PayPal Security / Engineering team
-- All the best Mark Litchfield http://www.securatary.com Twitter - http://twitter.com/securatary This list is sponsored by Cenzic -------------------------------------- Let Us Hack You. Before Hackers Do! It's Finally Here - The Cenzic Website HealthCheck. FREE.Request Yours Now! http://www.cenzic.com/2009HClaunch_Securityfocus
--------------------------------------
Current thread:
- PayPal Manager Admin Account Hijack Mark Litchfield (May 14)
- Re: PayPal Manager Admin Account Hijack Daniel Kester (May 15)