Monday, February 4, 2013
The expert identified a serious vulnerability in the PayPal website
According to experts, the identified errors (blind introduction of SQL-code) has allowed him to have access to the database notification system PayPal.
Prakhar Prasad immediately got in touch with the Paypal Security Team, reported the detection of vulnerabilities. The researcher points out, PayPal responded very promptly. Prasad says that he revealed the vulnerability was closed the next day after he went to the Paypal Security Team. We know that for vulnerability information from Paypal expert was $ 3,000 (2,250 euros).
This case can be considered as another good example of the effectiveness of the awards for "catching" errors and vulnerabilities, conducting PayPal in the middle of last year. Previously, such a system of rewards for information about errors and vulnerabilities in their own systems and products introduced Google, Facebook, Mozilla, Samsung and other companies.