http://www.theregister.co.uk/2009/09...ecurity_snafu/
Looks like someone found a SQLi vulnerability in rbsworldpay published similar to the XSS one I published last week.
@JasonRocket if I get time I'll teach everyone how to hack their website so that they can see the cancel page repeatedly, I was doing that this morning, but it's a bit involved.
@khalilm - if they mention PCI DSS one more time I probably kille someone, as I demonstrated here, they don't understand it, and "a bad man" (especially since just know someone published the template details and locations) could just shove a form up demanding more money on behalf of worldpay.
(note there's nothing wrong with us knowing our template details nor how to change them, in fact we should know this information)
Results 1 to 10 of 730
Threaded View
-
11 Sep 2009, 04:06 PM #11
Suspended
- Join Date
- Sep 2008
- Posts
- 605
- Plugin Contributions
- 6
Re: WorldPay Module version 2.0 - Support thread
Similar Threads
-
MultiSite Module Support Thread
By Gerome in forum All Other Contributions/AddonsReplies: 2237Last Post: 9 May 2025, 03:20 AM -
v154 WorldPay Module version 3.0 - Support thread
By countrycharm in forum Addon Payment ModulesReplies: 115Last Post: 20 Jul 2021, 04:00 PM -
v151 Codetrio Sphinx Search Version 1.0 Support Thread
By imranulh in forum All Other Contributions/AddonsReplies: 5Last Post: 16 Jul 2014, 01:24 AM -
Simple SEO URL (OLD version) [support thread]
By yellow1912 in forum All Other Contributions/AddonsReplies: 5053Last Post: 30 Jun 2014, 02:42 PM
Bookmarks