02 Jul 2018
Credit Card number disclosure
02 Jul 2018
A credit card is a payment card issued to users to enable the cardholder to pay a merchant. There are servers that disclose the Credit Card number of the users. Displaying the whole 16 digits credit card number is disclosing of sensitive information. This is strictly forbidden to secure cardholder’s money. On the internet, a user uses his credit card to perform online purchases. An attacker will use different ways to compromise the credit card details from the users. If the attacker is successful in getting the credit card number, he can buy products from the internet using his number.
Impact
Using this vulnerability, an attacker can:-
- access information about a user using the credit card number. This situation is a loss of personal data.
- make unauthorised purchases. This Compromises the security of the user.
Mitigation / Precaution
Beagle recommends the following fixes:-
- Try not to expose the Credit card numbers on the application’s website.
Latest Articles
Htaccess Bypass
April 30 2021
Insecure File Upload
April 27 2021
Remote Code Execution (RCE)
April 8 2021
Building Application Security in the Azure DevOps Pipeline
February 10 2021
Popular in Injection
Union Query SQL Injection (SQLi)
July 4 2018
Stacked Queries SQL Injection (SQLi)
July 4 2018
SQL injection(SQLi)
July 4 2018
Inline Queries SQL Injection (SQLi)
July 4 2018
Error based SQL Injection (SQLi)
July 4 2018
Categories
Client Side URL Redirect HSTS Cookies Attributes IBM SQL injection injection Time Based Blind SQL Injection SSL Injection CRLF Content Security Policy CSRF CORS Information Leakage status code SRI metadata X-XSS-Protection owasp Clickjacking XSS Cookies Directory traversal DOM XSS RFI SQL Injection Blind SQL Injection XML Injection blog Web Server TLS WordPress web security SMB Cyber attacks AI Web server Wordpress DATA SECURITY DOMECTF2020 Container security CMS Security Data Security Code Execution Content security policy Htaccess
Latest Articles
