TeleGraph All Photo (Picture) Pages Have Been Vulnerable to XSS Cyber Attacks

TeleGraph All Photo (Picture) Pages Have Been Vulnerable to XSS Cyber Attacks Website Description: http://www.telegraph.co.uk   “The Daily Telegraph is a British daily morning English-language broadsheet newspaper, published in London by Telegraph Media Group and distributed throughout the United Kingdom… Continue Reading

New York Times nytimes.com Page Design XSS Vulnerability (Almost all Article Pages Before 2013 are Affected)

The New York Times  Old Articles Can Be Exploited by XSS Attacks (Almost all Article Pages Before 2013 Are Affected)   Domain: http://www.nytimes.com/   “The New York Times (NYT) is an American daily newspaper, founded and continuously published in New… Continue Reading

CVE-2014-2230 – OpenX Dest Redirect Privilege Escalation Web Security Vulnerability

CVE-2014-2230 – OpenX 2.8.10 Dest Redirect Privilege Escalation Web Security Vulnerability     Exploit Title: OpenX Dest Redirect Privilege Escalation Web Security Vulnerability Product: OpenX Vendor:  OpenX Vulnerable Versions: 2.8.10 and probably prior Tested Version: 2.8.10 Advisory Publication: October 06, 2014 Latest… Continue Reading

Covert Redirect Vulnerability

Covert Redirect Vulnerability  Covert Redirect is an application that takes a parameter and redirects a user to the parameter value WITHOUT SUFFICIENT validation. This is often the of result of a website’s overconfidence in its partners. In another word, the… Continue Reading

Oracle Access Manager (OAM) Vulnerabilities

Oracle Access Manager (formerly known as Oblix NetPoint and Oracle COREid) provides a full range of identity administration and security functions, that include Web single sign-on; user self-service and self-registration; sophisticated workflow functionality; auditing and access reporting; policy management; dynamic… Continue Reading

Paypal Online Website OAuth 2.0 Covert Redirect (OpenIDconnect) Web Security Bugs (Information Leakage & Open Redirect)

  Paypal Online Website OAuth 2.0 Covert Redirect (OpenIDconnect) Web Security Bugs (Information Leakage & Open Redirect) (1) Domain: paypal.com   “PayPal is an American worldwide online payments system. Online money transfers serve as electronic alternatives to traditional paper methods… Continue Reading