Category Archives: Web Research

eBay Covert Redirect Web Security Bugs Based on Googleads.g.doubleclick.net

eBay Covert Redirect Vulnerability Based on Googleads.g.doubleclick.net (1) WebSite: ebay.com “eBay Inc. (stylized as ebay, formerly eBay) is an American multinational corporation and e-commerce company, providing consumer to consumer & business to consumer sales services via Internet. It is headquartered …

Posted in 0Day, Covert Redirect, Web Research

phpwind v8.7 XSS (Cross-site Scripting) Web Security Vulnerabilities

Originally posted on IT Swift – Know IT News Swiftly:
phpwind v8.7 XSS (Cross-site Scripting) Web Security Vulnerabilities Exploit Title: phpwind v8.7 goto.php? &url Parameter XSS Security Vulnerabilities Product: phpwind Vendor: phpwind Vulnerable Versions: v8.7 Tested Version: v8.7…

Posted in IT Computer & Web, Web Research

CVE-2015-2243 Webshop hun v1.062S Directory Traversal Web Security Vulnerabilities

CVE-2015-2243 Webshop hun v1.062S Directory Traversal Web Security Vulnerabilities Exploit Title: CVE-2015-2243 Webshop hun v1.062S /index.php &mappa Parameter Directory Traversal Web Security Vulnerabilities Product: Webshop hun Vendor: Webshop hun Vulnerable Versions: v1.062S Tested Version: v1.062S Advisory Publication: March 01, …

Posted in CVE, Directory Traversal, Hacker Exploit, IT Information Technology, Web Research, Website Testing

Covert Redirect Threatens OAuth 2.0 and OpenID

Originally posted on INZEED Business Information & Counsel:
Covert Redirect Threatens OAuth 2.0 and OpenID Last Friday, Wang Jing, a PhD student at Nanyang Technological University in Singapore, published a report describing an attack method called…

Posted in Articles, Web Research

More Than 99.88% of About Group Links Are Vulnerable to XSS and XFS Attacks

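The About Group website has a serious web security problem: it is vulnerable to XSS (cross-site scripting) and XFS (cross-frame scripting). This is disastrous and devastating for its nearly 1 billion monthly visiting users. According to the results and POC video published by the vulnerability researcher, all About.com topics (subdomains) can be exploited by attackers. Wang Jing, of the Division of Mathematical Sciences (MAS), School of Physical and Mathematical Sciences (SPMS), Nanyang Technological University (NTU), Singapore, published this serious security vulnerability. Wang Jing states that he reported it to About Group on October 19, 2014, but has so far received no reply. The vulnerability was published on February 2, 2015. “As of now, the vulnerability has still not been fixed,” Wang Jing said. Meanwhile, Wang Jing disclosed that the search field on the About.com home page is also vulnerable to XSS attacks. In addition, he published several open redirect vulnerabilities in About.com. Wang said his tests were carried out in IE on Windows 8 …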

Posted in Articles, IT Computer & Web, Web Research

CVE-2014-2230 – OpenX Dest Redirect Privilege Escalation Web Security Vulnerability

CVE-2014-2230 – OpenX 2.8.10 Dest Redirect Privilege Escalation Web Security Vulnerability Exploit Title: OpenX Dest Redirect Privilege Escalation Web Security Vulnerability Product: OpenX Vendor: OpenX Vulnerable Versions: 2.8.10 and probably prior Tested Version: 2.8.10 Advisory Publication: October 06, …

Posted in 0Day, Web Research

Sohu OAuth 2.0 Service Covert Redirect Web Security Bugs (Information Leakage & Open Redirect)

Sohu OAuth 2.0 Service Covert Redirect Web Security Bugs (Information Leakage & Open Redirect) (1) Domain: sohu.com “Sohu, Inc. (Chinese: 搜狐; pinyin: Sōuhú; literally: “Search-fox”) is a Chinese Internet company headquartered in the Sohu Internet Plaza in Haidian …

Posted in 0Day, Covert Redirect, Web Research