Filter Bypass & Profile Code Execution fixed during Infrastructure Upgrades (PayPal)
In 2013 the core team member and ceo benjamin kunz mejri discovered a filter bypass and code execution vulnerability that was exploitable through a referer get request by the paypal api. The issue has been reported to paypal inc company in 2013 but the security officials was first unable to reproduce the bug. During some time has passed we continued to explain the officials with various methods and examples the impact of the issue. In 2014 we received a message back that the issue has been patched by multiple internal infrastructure upgrades.
Advanced Persistent Threat Golden_hands - Digital Bank Robbery of the Year 2020
Facebook Security - 12.500$ Bug Bounty reward to Security Researcher
Bug Bounty Program Award Winners 2014 - Exclusive Interview by Microsoft & PayPal
Shopify | Buy Button | Persistent Embed POST Inject Vulnerability