Paypal Bug Bounty #102 QRL - Auth Bypass Vulnerability

Document Title: =============== Paypal Bug Bounty 102 QRL - Auth Bypass Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=995 PayPal Security UID: ZVf25kC Release Date: ============= 2013-07-04 Vulnerability Laboratory ID VL-ID:...

tomcat6 Information disclosure in authentication classes

Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18, when FORM authentication is used, allows remote attackers to enumerate valid usernames via requests to /jsecuritycheck with malformed URL encoding of passwords, related to improper error checking in the 1...