Tag Archives: Open Redirect

eBay Covert Redirect Web Security Bugs Based on Googleads.g.doubleclick.net

eBay Covert Redirect Vulnerability Based on Googleads.g.doubleclick.net (1) WebSite: ebay.com “eBay Inc. (stylized as ebay, formerly eBay) is an American multinational corporation and e-commerce company, providing consumer to consumer & business to consumer sales services via Internet. It is headquartered … Continue reading

Posted in 0Day, Covert Redirect, Web Research | Tagged , , , , , , , , , | Leave a comment

phpwind v8.7 Unvalidated Redirects and Forwards Web Security Vulnerabilities

Originally posted on IT Swift – Know IT News Swiftly:
? phpwind v8.7 Unvalidated Redirects and Forwards Web Security Vulnerabilities ? Exploit Title: phpwind v8.7 goto.php? &url Parameter Open Redirect Security Vulnerabilities Product: phpwind Vendor: phpwind Vulnerable Versions: v8.7 Tested…

Posted in 0Day, Website Testing | Tagged , , , , , , , , , , , , , , , , , | Leave a comment

About Group 超过 99.88% 的链接容易遭受 XSS 和 XFS 攻击

  About Group 网站有一个严重的网络安全问题,它容易遭受 XSS (跨站脚本漏洞) XFS (跨Frame脚本漏洞)。这对它的近10亿月访问用户是灾难和毁灭性的。   根据漏洞研究者发布的结果和POC视频,所有About.com的话题(子域名)都可以被攻击者利用。   新加坡南洋理工大学 (NTU) 数学和物理学院 (SPMS) 数学系 (MAS) 的王晶 (Wang Jing) 发布了这个严重的安全漏洞。王晶声称在2014年10月19号,他向 About Group 做了报告,但是迄今为止一直没有收到回复。漏洞的发布时间是2015年2月2号。“到现在为止,漏洞还没有被修复” 王晶说。   与此同时,王晶披露 About.com 主页面的搜索域也容易遭受 XSS 攻击。除此之外,他还发布了一些 About.com 的公开重定向漏洞 (Open Redirect). 王说他的测试是在 Windows 8 的 IE … Continue reading

Posted in Articles, IT Computer & Web, Web Research | Tagged , , , , , , , , , , , , , , , , , | Leave a comment

Alibaba Taobao, AliExpress, Tmall, Online Electronic Shopping Website XSS & Open Redirect Security Vulnerabilities

Alibaba Taobao, AliExpress, Tmall, Online Electronic Shopping Website XSS & Open Redirect Security Vulnerabilities Domains Basics: Alibaba Taobao, AliExpress, Tmall are the top three online shopping websites belonging to Alibaba. Vulnerability Discover: Jing Wang, Division of Mathematical Sciences (MAS), School … Continue reading

Posted in IT News, Open Redirect, Phishing, XSS | Tagged , , , , , , , , , , , , , , , , | Leave a comment

Yahoo and Yahoo Japan May be Vulnerable to Spams

Yahoo and Yahoo Japan May be Vulnerable to Spams   Student security researcher Wang Jing from School of Physical and Mathematical Sciences at Nanyang Technological University, Singapore, has found new security vulnerabilities related to Yahoo. After reporting several Open Redirect … Continue reading

Posted in IT Computer & Web | Tagged , , , , , , , , , , , , , , , , , , , , , | Leave a comment

CNN Travel.cnn.com XSS and Ads.cnn.com Open Redirect Web Security Vulnerabilities

  CNN Travel.cnn.com XSS and Ads.cnn.com Open Redirect Web Security Vulnerabilities   Domain: http://cnn.com   “The Cable News Network (CNN) is an American basic cable and satellite television channel that is owned by the Turner Broadcasting System division of Time … Continue reading

Posted in Open Redirect, Spam, Website Testing, XSS | Tagged , , , , , , , , , , , , , , , , , | 5 Comments