Headline
CVE-2022-34064: zibal
The Zibal package in PyPI v1.0.0 was discovered to contain a code execution backdoor. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.
Project description
Zibal Payment Gateway
Installation
Zibal Payment pacakge requires Requests to run.
Install the package using pip
$ pip install zibal
For upgrading to newer versions
$ pip install zibal --upgrade
Usage
You can send a request and verify your payment using this package. Also you can use this package to translate the result codes to printable messages Pass your merchant_id and callback url while creating a zibal instance
import zibal.zibal as zibal
merchant_id = ‘Your merchant id, use zibal for testing’ callback_url = ‘https://yourdomain.com/callbackUrl’
zb = zibal.zibal(merchant_id, callback_url) amount = 30000 # IRR request_to_zibal = zb.request(amount)
Now you can access the parameters using
track_id = request_to_zibal[‘trackId’] request_result_code = request_to_zibal[‘result’]
Pass the result code to the translator function "requeset_result(result_code)" to create printable output Python3 example:
print(zb.request_result(request_result_code))
Verify the payment using the verify function
verify_zibal = zb.verify(track_id) verify_result = verify_zibal[‘result’]
Now you can access the parameters using
ref_number = verify_zibal[‘refNumber’] verify_result_code = verify_zibal[‘result’]
Pass the result code to the translator function "verify_result(result_code)" to create printable output Python3 example:
print(zb.verify_result(verify_result_code))
Download files
Download the file for your platform. If you’re not sure which to choose, learn more about installing packages.
Source Distribution****Built Distribution