Kartpay: Disclosure of Merchant_id into the source code without entered OTP code leads to Victims MID takeover.

The System Encryption for the merchant registration was revealing the details which can be further exploitable for the Registration of the merchant. After sharing the details by the @bugera it was fixed by the team...

Kartpay: Admin/Info lekage

The Administrator System was opened in public which can be misused by anyone so to avoid a Security system has been implemented to allow from limited Ip address only...

Kartpay: bypass captcha in the form forgot password

Summary: In this issue I can bypass Captcha Protection in the Forgot Password form. Browsers Verified In: firefox url: https://affiliate.kartpay.com/ url vulnerable: https://affiliate.kartpay.com/forgotpassword Steps To Reproduce: 1-Enter your email in the forgot password parameter. 2-complet...

Kartpay: Referer issue in Kartpay.com

on https://Kartpay.com. The Issue of Referer was Fixed earlier before reporting this issue again but on finding the root cause it was found that the Code is perfect but the Sequence of code / Priority of code has changed which leads to Referer issue again. So The Sequence of Code has changed to...

Kartpay: XSS in https://merchant.kartpay.com/settlements

Parameter Search Payload " URL https://merchant.kartpay.com/settlements Steps to reproduce 1. Go to URL: https://merchant.kartpay.com/settlements 2. Enter above payload. 3. You will see xss payload getting executed. F535235 F535234 F535236 Impact Cross-site scripting is a flaw that allows users t...

Kartpay: Reflected XSS on https://merchant.kartpay.com/payment_settings [status]

Vulnerable URL https://merchant.kartpay.com/paymentsettings/type Parameter status Payload " Steps to Reproduce 1. Login with your credentials. 2. Go to https://merchant.kartpay.com/paymentsettings 3. Start Burp suite proxy and intercept on. 4. Click on Run and Save button. intercept the request. ...

Kartpay: URl redirection

In the following post HTTP request while registering for merchant POST /register HTTP/1.1 Host: merchant.kartpay.com User-Agent: Mozilla/5.0 X11; Ubuntu; Linux x8664; rv:67.0 Gecko/20100101 Firefox/67.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language:...

Kartpay: Option method enabled in kartpay Webservers

HTTP OPTIONS method is enabled on this web server. The OPTIONS method provides a list of the methods that are supported by the web server, it represents a request for information about the communication options available on the request/response chain identified by the Request-URI. Domain :...

Kartpay: Application Design issue for Phone Number field in Registration.

The current system only works for India so ISD Code of India i.e +91 is mandatory for Registration. During the Registration system was accepting any country ISD code due to Request was not validated by the system instead whatever sent through client-side modification is accepted. So the Strict...

Kartpay: Bypass _token in forms [Merchant.Kartpay.com ]

Summary: I found a issue in froms related to the Merchant.Kartpay.com domain and it allow to bypassing token. Browsers Verified In: Firefox 68 Steps To Reproduce: 1. Go To Login or any form https://merchant.kartpay.com/merchantlogin 2. Fill form and Intercept in burpsuite next click on LOGIN 3...

Kartpay: Captcha protection Bypass on Forgot password page

The Captcha system was implemented by Validation of Captcha was missed out during the forgot password. so it was found out and fixed has been released to the system. Captcha bypass by removing the token and forward the response...

Kartpay: Application Error disclosure, Verification token seen error and user able to change password

Summary: Application Error disclosure, Verification token seen error and user able to change password Browsers Verified In: Broswer version: Google Chrome is up to date Version 75.0.3770.100 Official Build 64-bit Steps To Reproduce: add details for how we can reproduce the issue Steps to reproduc...

Kartpay: SMTP Failure Leads to Chain of Internal System Failure

Kartpay Application uses the third Party SMTP Service to send the Email and while using the same application was not coded properly to handle the failure of SMTP. So it has been implemented once it was found and reported...