Over the past period, security researchers from Vulnerability Lab have identified several serious flaws on the website of PayPal, the world-renowned payment processor.On Thursday, the company published a video detailing a few of them.
All the vulnerabilities presented in the video have been addressed by PayPal. However, you can take a look to see how cybercriminals could have exploited them if they had remained unpatched.
The latest bug identified by Vulnerability Lab in PayPal was a Blind SQL Injection which could have allowed attackers to inject and execute their own malicious SQL commands.
At the end of 2012, the researchers identified several persistent web vulnerabilities that could have been exploited to cause some serious damage. More details can be found here and here.