| Worldwide Server-side Cache Poisoning on All Akamai Edge Nodes ($50K+ Bounty Earned) |
|
|
|
| Vulnerability In PayPal worth 200000$ bounty, Attacker can Steal Your Balance by One-Click |
|
|
|
| PayPal IDOR via billing Agreement Token (closed Informative, payment fraud) |
|
|
|
| Hacking Swagger-UI - from XSS to account takeovers |
|
|
|
| Ping'ing XMLSec |
|
|
|
| Finding DOM Polyglot XSS in PayPal the Easy Way |
|
|
|
| Exploiting memory corruption vulnerabilities on Android |
|
|
|
| How I made to Paypal Bug Bounty $750 |
|
|
|
| Dependency Confusion: How I Hacked Into Apple, Microsoft and Dozens of Other Companies |
|
|
|
| The Bug That Exposed Your PayPal Password |
|
|
|
| Responsible denial of service with web cache poisoning |
|
|
|
| How PayPal helped me to generate XSS |
|
|
|
| Information Disclosure at PayPal and Xoom (PayPal Acquisition) via Simple Google Dork - 1,000 USD |
|
|
|
| Paypal bug $10K - All Secondary users account takeover leads to unauthorized money transfer from paypal business accounts |
|
|
|
| Bypassing CSP with policy injection |
|
|
|
| for PayPal security team,“get user balances and transaction details” is not a vulnerability! |
|
|
|
| An Unusual Bug 🐛 on Braintree [PayPal] |
|
|
|
| Blind XML External Entities Out-Of-Band Channel Vulnerability : PayPal Case Study |
|
|
|
| [PayPal BBP] I could’ve deleted All SMC messages. Using Brute-Force technique. |
|
|
|
| How I was able to list some internal information from PayPal #BugBounty |
|
|
|
| 5k$ for path traversal on *.paypal-corp.com subdomain |
|
|
|
| Persistent XSS to Steal Passwords – Paypal |
|
|
|
| Turning Self-XSS into non-Self Stored-XSS via Authorization Issue at “PayPal Tech-Support and Brand Central Portal |
|
|
|
| Bypassing the Current Password Protection at PayPal TechSupport Portal |
|
|
|
| Paypal Mobile Verification And Payment Restrictions Bypass |
|
|
|
writeups.xyz
/
Paypal