Monthly Archives: June 2015

eBay Covert Redirect Web Security Bugs Based on Googleads.g.doubleclick.net

eBay Covert Redirect Vulnerability Based on Googleads.g.doubleclick.net (1) WebSite: ebay.com “eBay Inc. (stylized as ebay, formerly eBay) is an American multinational corporation and e-commerce company, providing consumer to consumer & business to consumer sales services via Internet. It is headquartered … Continue reading

Posted in 0Day, Covert Redirect, Web Research | Tagged , , , , , , , , , | Leave a comment

Google Covert Redirect Web Security Bugs Based on Googleads.g.doubleclick.net

  Bypass Google Open Redirect Filter Based on Googleads.g.doubleclick.net — Google Covert Redirect Vulnerability Based on Googleads.g.doubleclick.net       (1) WebSite: google.com   “Google is an American multinational technology company specializing in Internet-related services and products. These include online … Continue reading

Posted in 0Day, Covert Redirect, Website Testing | Tagged , , , , , , , , , , , | Leave a comment

The Weather Channel at Least 76.3% Links Vulnerable to XSS Attacks

      The Weather Channel at Least 76.3% Links Vulnerable to XSS Attacks     Domain Description: http://www.weather.com/   “The Weather Channel is an American basic cable and satellite television channel which broadcasts weather forecasts and weather-related news and … Continue reading

Posted in 0Day, Website Testing, XSS | Tagged , , , , , , , , , , , , , , , , | Leave a comment

The New York Times Old Articles Can Be Exploited by XSS Attacks (Almost all Article Pages Before 2013 Are Affected)

      Domain: http://www.nytimes.com/   “The New York Times (NYT) is an American daily newspaper, founded and continuously published in New York City since September 18, 1851, by the New York Times Company. It has won 114 Pulitzer Prizes, … Continue reading

Posted in 0Day, Website Testing, XSS | Tagged , , , , , , , , , , , , , , , , , | Leave a comment

Mozilla Online Website Two Sub-Domains XSS (Cross-site Scripting) Bugs ( All URLs Under the Two Domains)

    Domains: http://lxr.mozilla.org/ http://mxr.mozilla.org/ (The two domains above are almost the same)   Websites information: “lxr.mozilla.org, mxr.mozilla.org are cross references designed to display the Mozilla source code. The sources displayed are those that are currently checked in to the … Continue reading

Posted in Website Testing, XSS | Tagged , , , , , , , , , , , , , , , , | Leave a comment

All Links in Two Topics of Indiatimes (indiatimes.com) Are Vulnerable to XSS (Cross Site Scripting) Attacks

    (1) Domain Description: http://www.indiatimes.com “The Times of India (TOI) is an Indian English-language daily newspaper. It is the third-largest newspaper in India by circulation and largest selling English-language daily in the world according to Audit Bureau of Circulations … Continue reading

Posted in Website Testing, XSS | Tagged , , , , , , , , , , , , , , , , | Leave a comment

CXSecurity WLB-2015040034 6kbbs v8.0 Multiple CSRF (Cross-Site Request Forgery) Web Security Vulnerabilities

  CXSecurity WLB-2015040034 6kbbs v8.0 Multiple CSRF (Cross-Site Request Forgery) Web Security Vulnerabilities   Exploit Title: 6kbbs Multiple CSRF (Cross-Site Request Forgery) Security Vulnerabilities Vendor: 6kbbs Product: 6kbbs Vulnerable Versions: v7.1 v8.0 Tested Version: v7.1 v8.0 Advisory Publication: April 02, … Continue reading

Posted in CSRF, CXSecurity, Web Application | Tagged , , , , , , , , , , , , , , , , , , , | Leave a comment