View RSS Feed

ajaysinghnegi

  1. How I was able to Read & Download Paypals X.com Users Private Email Attachments

    [B][LEFT]Paypals X.com Failure to Restrict Url Access Vulnerability
    [/LEFT]
    [/B]
    [LEFT]I want to share one of my finding on Paypals X.com which I have reported to them in 3 January 2013.

    [/LEFT]
    I have found that Paypal X.com following Url [URL]https://www.x.com/sites/default/files/failure_to_restrict_url_vul_for_any_attachments.txt[/URL] was vulnerable to Failure to Restrict Url Access Vulnerability as the email Attachments Url can be accessed without Login ...