Tuesday, December 24, 2013

PayPal : User Credit Card Information Disclosure

Posted by Yogesh  
Tagged as:
10:21 AM

Okay... So, here is another one old & duplicate bug from PayPall, which I reported looooong back.

I have found some strange results of api-3t.sandbox.paypal.com. This sub domain is storing all credit card information of paypal user in URL. Below is the google dork for finding such “stored” CC details.

Google Dork: site:sandbox.paypal.com inurl:CVV2=

Google results are not much, nearly 80, but still harmful as sensitive user information is getting leaked.

About the Author

Write admin description here..


What they says

Proudly Powered by Blogger.
back to top