Privilege Escalation

Severity: High
Bug ID: 778
Researcher: poseidon
Status: Disclosed
Submitted: 08/24/2018

Description:

https://www.paypal.com/cgi-bin/webscr?cmd=_xclick&business=WNFU87G7CPVAU&lc=US&item_name=Sn1per%20Professional&item_number=0001&amount=20%2e00&currency_code=USD&button_subtype=services&tax_rate=0%2e000&shipping=0%2e00&bn=PP%2dBuyNowBF%3abtn_buynowCC_LG%2egif%3aNonHosted

The amount can be altered and it is not re-examined later.

Affected URL:

https://xerosecurity.com/ordering.html

Affected Params:

The link to PayPal

Bug Evidence:

Already provided to the head.


Bug Recommendation:

Revalidate the payment amount before sending the license.
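As an added defensive example (not the vendor's code and not part of the report), the check below shows one way to apply that recommendation: the server keeps its own price list and only issues a license once PayPal's payment notification has been verified and its amount, currency, receiver, item and transaction id all match what the server expected. It assumes the field names of PayPal's Instant Payment Notification (payment_status, receiver_id, item_number, mc_gross, mc_currency, txn_id) and a caller-supplied `postback` callable standing in for PayPal's own verification round trip; the catalogue entry reuses the item number, price and merchant id from the link in the description, and the IPN bodies are constructed.

```python
from decimal import Decimal, InvalidOperation
from typing import Callable, Dict, Optional, Set
from urllib.parse import parse_qsl

# Server-side price list. Whatever amount the buyer's browser carried in the
# Buy Now link is never trusted; the server decides what item 0001 costs.
# (Item number, price and merchant id are the values from the report's link.)
CATALOG: Dict[str, dict] = {
    "0001": {"name": "Sn1per Professional", "amount": Decimal("20.00"), "currency": "USD"},
}
MERCHANT_ID = "WNFU87G7CPVAU"

# Constructed IPN bodies: one honest payment and one with a lowered amount.
GOOD_IPN = ("payment_status=Completed&receiver_id=WNFU87G7CPVAU&item_number=0001"
            "&mc_gross=20.00&mc_currency=USD&txn_id=TXN-CONSTRUCTED-1")
TAMPERED_IPN = GOOD_IPN.replace("mc_gross=20.00", "mc_gross=1.00")


class PaymentRejected(Exception):
    """Raised when an IPN message does not prove a full payment for the item."""


def parse_ipn(body: str) -> Dict[str, str]:
    """Decode a form-encoded IPN body into a dict, refusing repeated keys."""
    fields: Dict[str, str] = {}
    for key, value in parse_qsl(body, keep_blank_values=True):
        if key in fields:
            raise PaymentRejected(f"repeated field: {key}")
        fields[key] = value
    return fields


def validate_payment(fields: Dict[str, str], seen_txn_ids: Set[str],
                     merchant_id: str = MERCHANT_ID) -> str:
    """Compare an authenticated IPN against the server's own expectations.

    Returns the name of the item to license, or raises PaymentRejected.
    """
    if fields.get("payment_status") != "Completed":
        raise PaymentRejected("payment not completed")
    if fields.get("receiver_id") != merchant_id:
        raise PaymentRejected("payment was not made to this merchant")
    item = CATALOG.get(fields.get("item_number", ""))
    if item is None:
        raise PaymentRejected("unknown item")
    try:
        paid = Decimal(fields.get("mc_gross", ""))
    except InvalidOperation:
        raise PaymentRejected("amount is not a number") from None
    # Exact match against the server-side price, in the server-side currency.
    if paid != item["amount"] or fields.get("mc_currency") != item["currency"]:
        raise PaymentRejected(
            f"expected {item['amount']} {item['currency']}, "
            f"got {paid} {fields.get('mc_currency')}")
    # Each PayPal transaction id may fund exactly one license (no replays).
    txn_id = fields.get("txn_id", "")
    if not txn_id or txn_id in seen_txn_ids:
        raise PaymentRejected("missing or already-used transaction id")
    seen_txn_ids.add(txn_id)
    return item["name"]


def fulfill_order(body: str, seen_txn_ids: Set[str],
                  postback: Callable[[str], bool]) -> str:
    """Return the item to license for this IPN body, or raise PaymentRejected.

    `postback` is an assumed interface: it must send the raw body back to
    PayPal and return True only if PayPal answers that the message is genuine.
    Only after that is the content of the message checked.
    """
    if not postback(body):
        raise PaymentRejected("IPN did not verify with PayPal")
    return validate_payment(parse_ipn(body), seen_txn_ids)


def rejection_reason(body: str, seen_txn_ids: Set[str],
                     postback: Callable[[str], bool]) -> Optional[str]:
    """The rejection message for this body, or None if the order was fulfilled."""
    try:
        fulfill_order(body, seen_txn_ids, postback)
    except PaymentRejected as exc:
        return str(exc)
    return None


if __name__ == "__main__":
    def always_verified(_body: str) -> bool:  # stand-in for the PayPal round trip
        return True

    seen: Set[str] = set()
    print("licensed:", fulfill_order(GOOD_IPN, seen, always_verified))
    for label, body in (("tampered amount", TAMPERED_IPN), ("replayed txn_id", GOOD_IPN)):
        print(f"{label}: {rejection_reason(body, seen, always_verified)}")
```

The order of checks matters: authenticity of the notification comes first, then the amount and currency against the server's price list (never against anything echoed back from the link), and finally the transaction id is recorded so one payment cannot be turned into several licenses.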

Direct Chat

poseidon 08/24/2018
submitted a Privilege Escalation bug to xerosecurity

xerosecurity 08/24/2018
awarded 20 points to poseidon for a Privilege Escalation bug

xerosecurity 08/24/2018
Thanks again for letting us know. For the record, we've rewarded poseidon with a free copy of Sn1per Professional to keep as a reward and will be disclosing this report for reference.

xerosecurity 08/24/2018
closed a Privilege Escalation bug submitted by poseidon

xerosecurity 08/24/2018
disclosed a Privilege Escalation bug submitted by poseidon

Pending Bugs

ID   Severity       Vulnerability                   User       Date        Status
692  High           Authentication Bypass           dia2diab   07/01/2015  Disclosed
778  High           Privilege Escalation            poseidon   08/24/2018  Disclosed
641  High           Privilege Escalation            daksh      12/05/2014  Disclosed
744  High           Privilege Escalation            realn0j    09/06/2017  Disclosed
670  High           Remote Code Execution           zoczus     05/06/2015  Disclosed
593  Medium         Buffer Overflow                 rockcena   12/01/2014  Disclosed
578  Medium         Cross Site Request Forgery      sandeepv   11/30/2014  Disclosed
580  Medium         Cross Site Request Forgery      sandeepv   11/30/2014  Disclosed
659  Medium         Reflected Cross Site Scripting  pratap     12/16/2014  Disclosed
742  Low            Application Errors              guifre     07/29/2017  Disclosed
724  Low            Session Security and Cookies    testingcs  04/24/2016  Disclosed
706  Informational  Other                           zediwon    09/28/2015  Disclosed
707  Informational  Other                           behroz     10/06/2015  Disclosed