CVE-2015-2209 – DLGuard Full Path Disclosure (Information Leakage) Web Security Vulnerabilities

  CVE-2015-2209 – DLGuard Full Path Disclosure (Information Leakage) Web Security Vulnerabilities Exploit Title: DLGuard “/index.php?” “&c” parameter Full Path Disclosure Web Security Vulnerabilities Product: DLGuard Vendor: DLGuard Vulnerable Versions: v4.5 Tested Version: v4.5 Advisory Publication: January 18, 2015 Latest… Continue Reading

Paypal Online Website OAuth 2.0 Covert Redirect (OpenIDconnect) Web Security Bugs (Information Leakage & Open Redirect)

  Paypal Online Website OAuth 2.0 Covert Redirect (OpenIDconnect) Web Security Bugs (Information Leakage & Open Redirect) (1) Domain: paypal.com   “PayPal is an American worldwide online payments system. Online money transfers serve as electronic alternatives to traditional paper methods… Continue Reading

LinkedIn Online Service OAuth 2.0 Covert Redirect Web Security Bugs (Information Leakage & Open Redirect)

  LinkedIn Online Service OAuth 2.0 Covert Redirect Web Security Bugs (Information Leakage & Open Redirect) (1) Domain: linkedin.com   “LinkedIn /ˌlɪŋkt.ˈɪn/ is a business-oriented social networking service. Founded in December 2002 and launched on May 5, 2003, it is… Continue Reading

GitHub Online Website OAuth 2.0 Covert Redirect Web Security Bugs (Information Leakage & Open Redirect)

  GitHub Online Website OAuth 2.0 Covert Redirect Web Security Bugs (Information Leakage & Open Redirect)     (1) Domain: github.com   “GitHub is a web-based Git repository hosting service, which offers all of the distributed revision control and source… Continue Reading

Sina OAuth 2.0 Service Covert Redirect Web Security Bugs (Information Leakage & Open Redirect)

  Sina OAuth 2.0 Service Covert Redirect Web Security Bugs (Information Leakage & Open Redirect)   (1) Domain: sina.com     “Sina (新浪) is a Chinese online media company for Chinese communities around the world. Sina operates four major business lines: Sina… Continue Reading

Alibaba Alipay Online Website OAuth 2.0 Covert Redirect Web Security Bugs (Information Leakage & Open Redirect)

  Alibaba Alipay Online Website OAuth 2.0 Covert Redirect Web Security Bugs (Information Leakage & Open Redirect)     (1) Domain: alipay.com   “Alipay.com is a third-party online payment platform with no transaction fees. It was launched in China in… Continue Reading

Mail.ru Online Service OAuth 2.0 Covert Redirect Web Security Bugs (Information Leakage & Open Redirect)

  Mail.ru Online Service OAuth 2.0 Covert Redirect Web Security Bugs (Information Leakage & Open Redirect) (1) Domain: mail.ru     “Mail.Ru Group (London Stock Exchange listed since November 5, 2010) is a Russian Internet company. It was started in… Continue Reading

Tencent QQ OAuth 2.0 Service Covert Redirect Web Security Bugs (Information Leakage & Open Redirect)

  Tencent QQ OAuth 2.0 Service Covert Redirect Web Security Bugs (Information Leakage & Open Redirect)       (1) Domain: qq.com     “Tencent QQ, popularly known as QQ, is an instant messaging software service developed by Chinese company Tencent Holdings… Continue Reading

Google Online Service OpenID Covert Redirect Web Security Bugs (Information Leakage & Open Redirect)

    Google Online Service OpenID Covert Redirect Web Security Bugs (Information Leakage & Open Redirect) (1) Domain: google.com   “Google has been estimated to run more than one million servers in data centers around the world (as of 2007).… Continue Reading

Sohu OAuth 2.0 Service Covert Redirect Web Security Bugs (Information Leakage & Open Redirect)

  Sohu OAuth 2.0 Service Covert Redirect Web Security Bugs (Information Leakage & Open Redirect) (1) Domain: sohu.com   “Sohu, Inc. (Chinese: 搜狐; pinyin: Sōuhú; literally: “Search-fox”) is a Chinese Internet company headquartered in the Sohu Internet Plaza in Haidian District, Beijing.… Continue Reading