2175 matches found
PHP Jobsite 1.36 Cross Site Scripting
Exploit for php platform in category web applications PHP Jobsite v1.36 - Cross Site Scripting Vulnerabilities Introduction: ============= PHP-Jobsite v1.36 Content Management System. Recruitment software made Easy. PHP-Jobsite - Price US - $299 Software Overview: - Run your own job software...
Apple Receives NFC Patent, But Takes It Slow with Mobile Payments
Apple was granted a patent on Tuesday by the United States Patent and Trademark Office for a Near Field Communications NFC-enabled travel management application, furthering speculation that the company is readying mobile payment technology for future versions of its iPhone product. The Web site...
Mobile Payments: Is Security Taking a Back Seat?
As smartphone technology evolves so does the way we access and interact with the Internet. Today your smartphone is used both as a phone and a computer. For many users, in 3-5 years your smartphone will also become your wallet. With new applications being developed daily, the mobile payments mark...
Global Payments Hack May Have Exposed Information On Individuals, Also
Payment processor Global Payments acknowledged Tuesday that a breach at the company announced in early March may have affected individual consumers, as well as merchants. In an update to its 2012infosecurityupdate.com site, the Atlanta-based company wrote that an ongoing investigation “revealed...
Global Payments Breach A Year Older Than First Reported
Alerts issued by Visa and Mastercard earlier this week suggest that a breach at payment processor Global Payments dates to January 2011, a full year earlier than the company initially announced. In alerts obtained by Bankinfosecurity.com, the two card companies claim the start of the security...
Kickstarter Data Breach Publishes 70,000 Startup Ideas
An application programming interface API error on the popular Kickstarter crowdfunding website exposed the plans and descriptions of more than 70,000 yet-to-be launched projects. The API bug exposed project descriptions, goals, durations, rewards, videos, images, locations, categories, and...
Global Payments Hack Could Span to June 2011, Affect Over 1.5M Cards
The data breach that hit payment processor Global Payments earlier this year could have dated back to June 2011, launching speculation over whether more credit card numbers were stolen than initially reported. Several alerts issued by Visa and Mastercard, obtained by KrebsonSecurity.com, suggest...
idev-Payments 1.0 Cross Site Request Forgery
Exploit Title: idev-Payments 1.0 CSRF Author: Jonturk75 Vendor or Software Link: http://idevspot.com/ Category:: webapps Demo : http://idevspot.com/demos/idev-payments/admin Greetz: Inj3ct0r Exploit DataBase 1337day.com ShowHide...
How to Make a Data Breach Disappear
For companies that are in the business of collecting, storing or monetizing user data or processing large numbers of transactions, it’s a matter of when, not if, they will suffer a major compromise or data loss. Most recently the giant wheel of pain stopped on Global Payments, but a weird thing...
idev-Payments 1.0 CSRF Vulnerability
Exploit for php platform in category web applications Exploit Title: idev-Payments 1.0 CSRF Author: Jonturk75 Vendor or Software Link: http://idevspot.com/ Category:: webapps Demo : http://idevspot.com/demos/idev-payments/admin Greetz: Inj3ct0r Exploit DataBase 1337day.com ShowHide 0day.today...
Global Payments Says 1.5 Million Cards May Be Affected By Breach
UPDATED–Global Payments, the payment-processing company that was the victim of a massive data breach revealed last week, said that the attack appears to have compromised something less than 1.5 million credit card numbers and that the attack looks to have been isolated to the network in North...
Global Payments Inc. Acknowledges Breach
Following previous announcements from Visa and Mastercard, electronic credit card processor Global Payments Inc. acknowledged late Friday that its system was breached earlier this year. Global Payments announced via press release that a portion of its processing system had been compromised in ear...
Want lunch? Palm it over
Fed up with using swipe cards and PINs for their students’ lunch payments, a school board district in Clearwater, Fla. recently partnered with microelectronic company Fujitsu to use palm vein readers for nearly half of their 102,000 students. Pinellas County School Board District spent $120,000 t...
PayPal Revises Privacy Policy, User Agreement Policy
PayPal announced that it is changing both its privacy and user agreement policies, adding tweaks to its customer identification program and the way it collects and stores its customers’ personal information. The changes will take effect on April 1. Under the new policy, Paypal may collect...
Google Reacts to Google Wallet Security Issues
Google has temporarily disabled the provisioning of prepaid cards as the company deals with the fallout from the discovery of security vulnerabilities affecting Google Wallet. Google Wallet is a mobile payment application that enables users to store information such as credit cards on their mobil...
CVE-2010-4992
SQL injection vulnerability in the Payments Plus component 2.1.5 for Joomla! allows remote attackers to execute arbitrary SQL commands via the type parameter to add.html...
Sql injection
SQL injection vulnerability in the Payments Plus component 2.1.5 for Joomla! allows remote attackers to execute arbitrary SQL commands via the type parameter to add.html...
CVE-2010-4992
SQL injection vulnerability in the Payments Plus component 2.1.5 for Joomla! allows remote attackers to execute arbitrary SQL commands via the type parameter to add.html...
CVE-2010-4992
SQL injection vulnerability in the Payments Plus component 2.1.5 for Joomla! allows remote attackers to execute arbitrary SQL commands via the type parameter to add.html...
CVE-2010-4992
The CVE-2010-4992 entry describes an SQL injection in the Joomla! Payments Plus component version 2.1.5, exploitable via the type parameter in add.html. The vulnerability arises from unsafely handling user input, allowing remote attackers to craft arbitrary SQL commands. Documents confirm affecte...