Farhan Ghumra found Critical Vulnerability in Payment Portal of PayPal

Farhan Ghumra, a computer engineering student from Rajkot, India, found a critical vulnerability in the PayPal payment portal. On websites that use the PayPal portal for payment, the payment step can easily be bypassed with JavaScript. The JavaScript bypasses the payment page and redirects the user to the download page for products such as software, e-books and so on. He also reported this flaw to the PayPal authorities.

According to Farhan:

"...JavaScript is so simple. It just redirects the user by fetching the download page from the website’s source code.


javascript:top.location=document.getElementsByName(‘return’)[0].value;javascript:void(0);


Moreover, the JavaScript is floating around various blogs and forums. Apart from them, a lot of video tutorials are uploaded on YouTube. The infected websites can easily be searched by this Google dork:


“this order button requires a javascript enabled browser”


Google lists a whopping 1,390,000 results. So this number of sites are at risk and easy to be exploited. The internet is flooding with this vulnerability & its exploit, but the biggest question is that PayPal, which is considered the most secure payment service, hasn't paid attention to this theft till now..."
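
An added example, not from the original post, from Farhan or from PayPal: the bypass described above works because the download location sits in the form's return field and is served to anyone who reaches it, so one fix is for the download handler to require a token the server issues only for paid orders. The function names, the key and the order IDs below are hypothetical, and the code assumes the merchant's backend learns of completed payments through a server-side confirmation rather than through the browser redirect.

```python
import hashlib
import hmac
import time

SECRET = b"constructed-demo-key"  # constructed value; load from a secret store in practice
PAID_ORDERS = set()               # hypothetical store of orders confirmed server-side


def record_payment(order_id):
    """Call only from the server-side payment confirmation handler (assumed to exist)."""
    PAID_ORDERS.add(order_id)


def _sign(order_id, expires):
    """HMAC-SHA256 over the order ID and expiry, keyed with the server secret."""
    msg = f"{order_id}|{expires}".encode()
    return hmac.new(SECRET, msg, hashlib.sha256).hexdigest()


def issue_token(order_id, ttl=900, now=None):
    """Return an expiring download token, or None if the order was never paid."""
    if order_id not in PAID_ORDERS:
        return None
    expires = int(time.time() if now is None else now) + ttl
    return f"{order_id}|{expires}|{_sign(order_id, expires)}"


def authorize_download(token, now=None):
    """Gate for the download handler: True only for a valid, unexpired token."""
    try:
        order_id, expires, sig = token.split("|")
        expires = int(expires)
    except (AttributeError, ValueError):
        return False  # missing or malformed token
    expected = _sign(order_id, expires)
    # Constant-time comparison so the signature cannot be guessed byte by byte.
    if not hmac.compare_digest(sig.encode(), expected.encode()):
        return False
    now = int(time.time() if now is None else now)
    return order_id in PAID_ORDERS and now <= expires


if __name__ == "__main__":
    record_payment("ORD-1001")                 # constructed order ID
    token = issue_token("ORD-1001", ttl=60)
    print(authorize_download(token))           # paid order, fresh token
    print(authorize_download(None))            # visitor who arrives with no token
```

With this gate in place, the return field can point at a generic "thank you" page, and reaching any URL without a valid token yields nothing.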
