Google DoubleClick.net(Advertising) System URL Redirection Vulnerabilities Can be Used by Spammers

  Google DoubleClick.net (Advertising) System URL Redirection Vulnerabilities Could Be Used by Spammers   Although Google does not include Open Redirect vulnerabilities in its bug bounty program, its preventive measures against Open Redirect attacks have been quite thorough and effective… Continue Reading

Mozilla Online Website Two Sub-Domains XSS (Cross-site Scripting) Bugs ( All URLs Under the Two Domains)

Mozilla Online Website Two Sub-Domains XSS (Cross-site Scripting) Bugs ( All URLs Under the Two Domains)     Domains: http://lxr.mozilla.org/ http://mxr.mozilla.org/ (The two domains above are almost the same)         Websites information: “lxr.mozilla.org, mxr.mozilla.org are cross references designed to… Continue Reading

Paypal Online Website OAuth 2.0 Covert Redirect (OpenIDconnect) Web Security Bugs (Information Leakage & Open Redirect)

  Paypal Online Website OAuth 2.0 Covert Redirect (OpenIDconnect) Web Security Bugs (Information Leakage & Open Redirect) (1) Domain: paypal.com   “PayPal is an American worldwide online payments system. Online money transfers serve as electronic alternatives to traditional paper methods… Continue Reading

The New York Times(Nytimes.com) Covert Redirect Web Security Bug Based on Google Doubleclick.net

                    (1) WebSite: nytimes.com “The New York Times (NYT) is an American daily newspaper, founded and continuously published in New York City since September 18, 1851, by the New York Times… Continue Reading

eBay Covert Redirect Web Security Bugs Based on Googleads.g.doubleclick.net

  eBay Covert Redirect Vulnerability Based on Googleads.g.doubleclick.net   (1) WebSite: ebay.com “eBay Inc. (stylized as ebay, formerly eBay) is an American multinational corporation and e-commerce company, providing consumer to consumer & business to consumer sales services via Internet. It… Continue Reading

Alibaba Alipay Online Website OAuth 2.0 Covert Redirect Web Security Bugs (Information Leakage & Open Redirect)

  Alibaba Alipay Online Website OAuth 2.0 Covert Redirect Web Security Bugs (Information Leakage & Open Redirect)     (1) Domain: alipay.com   “Alipay.com is a third-party online payment platform with no transaction fees. It was launched in China in… Continue Reading

Mail.ru Online Service OAuth 2.0 Covert Redirect Web Security Bugs (Information Leakage & Open Redirect)

  Mail.ru Online Service OAuth 2.0 Covert Redirect Web Security Bugs (Information Leakage & Open Redirect) (1) Domain: mail.ru     “Mail.Ru Group (London Stock Exchange listed since November 5, 2010) is a Russian Internet company. It was started in… Continue Reading

Tencent QQ OAuth 2.0 Service Covert Redirect Web Security Bugs (Information Leakage & Open Redirect)

  Tencent QQ OAuth 2.0 Service Covert Redirect Web Security Bugs (Information Leakage & Open Redirect)       (1) Domain: qq.com     “Tencent QQ, popularly known as QQ, is an instant messaging software service developed by Chinese company Tencent Holdings… Continue Reading

Google Online Service OpenID Covert Redirect Web Security Bugs (Information Leakage & Open Redirect)

    Google Online Service OpenID Covert Redirect Web Security Bugs (Information Leakage & Open Redirect) (1) Domain: google.com   “Google has been estimated to run more than one million servers in data centers around the world (as of 2007).… Continue Reading

Sina Weibo OAuth 2.0 Service Covert Redirect Web Security Bugs (Information Leakage & Open Redirect)

  Sina Weibo OAuth 2.0 Service Covert Redirect Web Security Bugs (Information Leakage & Open Redirect) (1) Domain: weibo.com     “Sina Weibo (NASDAQ: WB) is a Chinese microblogging (weibo) website. Akin to a hybrid of Twitter and Facebook, it is one… Continue Reading