Dear Sir,
I recently found out 13 more XSS vulnerabilities and Paypal shows no
response. I am not a bad guy. But please make them aware about this issue
before any skid play with this.
Regards,
Un0wn_X
Hello I saw about the paypal XSS vulnerability and I researched more and more.
I found out
Heya Robert,
So there's this pile of law around the world around work and kids; it's
a rather recent development that 18 year olds can find problems that
multibillion dollar interests are willing to pay bounties for. The laws
are all trying to protect you from being made to pick berries or
On Tue, May 28, 2013 at 8:26 AM, Dan Kaminsky d...@doxpara.com wrote:
So there's this pile of law around the world around work and kids; it's a
rather recent development that 18 year olds can find problems that
multibillion dollar interests are willing to pay bounties for.
I'm probably
On 28 May 2013 14:26, Dan Kaminsky d...@doxpara.com wrote:
The laws are all trying to protect you from being made to pick berries or
sew t-shirts instead of going to class and playing outside.
I'm pretty sure that a 17 year old can have a fulltime job in most
countries in the world, besides
It may also be that in many countries, including the US where PayPal is based,
it can be difficult to enter into a legally binding contract with a minor. In
many cases (with exceptions) a minor can void or exit a contract as they see
fit, so you enter into a contract with a minor at your own
I suppose PayPal just wants to stay clear of any possible legal
trouble/issues/complications. It's easier that way.
--
Kirils Solovjovs
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and
New tools and special PHDays releases.
Tools:
- profinet_scanner.py
- profinet_set_fuzzer.py
- s7_password_hashes_extractor.py
Slides:
“How to build your own Stuxnet” by SCADA StrangeLove team
“Industrial protocols for pentesters” by Alexander Timorin and Dmitry Efanov
On Tue, May 28, 2013 at 10:47 AM, Kirils Solovjovs
kirils.solovj...@kirils.com wrote:
I suppose PayPal just wants to stay clear of any possible legal
trouble/issues/complications. It's easier that way.
Well, I suppose they are going to fix the issue pointed out by Kugler
(and the additional
Here are some screenhots of PayPal's bounty denial:
http://zer0byte.com/wp-content/uploads/2013/05/xss-paypal3.png
http://zer0byte.com/wp-content/uploads/2013/05/xss-paypal1.png
http://zer0byte.com/wp-content/uploads/2013/05/xss-paypal2.png
Best regards,
Robert Kugler
Robert,
Paypal is actually a cool company and im sure they are not worried about
stiffing you on the money that is deserved from the bounty.
Dan actually had some cool words to say about the situation. The XSS is not
extremely complicated but it is good that you found it. Did they fix the
issue
On 2013.05.28. 18:16, Jeffrey Walton wrote:
On Tue, May 28, 2013 at 10:47 AM, Kirils Solovjovs
kirils.solovj...@kirils.com wrote:
I suppose PayPal just wants to stay clear of any possible legal
trouble/issues/complications. It's easier that way.
Well, I suppose they are going to fix the
Core Security - Corelabs Advisory
http://corelabs.coresecurity.com
Zavio IP Cameras multiple vulnerabilities
1. *Advisory Information*
Title: Zavio IP Cameras multiple vulnerabilities
Advisory ID: CORE-2013-0302
Advisory URL:
Core Security - Corelabs Advisory
http://corelabs.coresecurity.com/
MayGion IP Cameras multiple vulnerabilities
1. *Advisory Information*
Title: MayGion IP Cameras multiple vulnerabilities
Advisory ID: CORE-2013-0322
Advisory URL:
Core Security - Corelabs Advisory
http://corelabs.coresecurity.com
TP-Link IP Cameras Multiple Vulnerabilities
1. *Advisory Information*
Title: TP-Link IP Cameras Multiple Vulnerabilities
Advisory ID: CORE-2013-0318
Advisory URL:
-BEGIN PGP SIGNED MESSAGE-
CA20130528-01: Security Notice for CA Process Automation (CA PAM)
Issued: May 28, 2013
CA Technologies support is alerting customers to a vulnerability with
CA Process Automation (CA PAM). The vulnerability, CVE-2010-1871,
occurs in the bundled JBoss Seam
On Fri, May 24, 2013 at 12:38 PM, Robert Kugler
robert.kugle...@gmail.com wrote:
Hello all!
I'm Robert Kugler a 17 years old German student who's interested in securing
computer systems.
I would like to warn you that PayPal.com is vulnerable to a Cross-Site
Scripting vulnerability!
PayPal
16 matches
Mail list logo