白帽子安全

白帽子文章
计算机安全
安全漏洞
网络攻击

© 白帽子安全 | Powered by LOFTER

湛天雲海碧波影:

Web Technology:

CVE-2014-8753  Cit-e-Net Multiple XSS (Cross-Site Scripting) Web Security Vulnerabilities


Exploit Title: Cit-e-Net Multiple XSS (Cross-Site Scripting) Web Security Vulnerabilities

Product: Cit-e-Access

Vendor: Cit-e-Net

Vulnerable Versions: Version...

数学日记:

IT 计算机信息网络安全技术:

About Group (about.com) All Topics (At least 99.88% links) Vulnerable to XSS & Iframe Injection Security Attacks, About.com Open Redirect Web Security Vulnerabilities


Vulnerability Description:
About.com all “topic sites” are vulnerable to XSS (Cross-Site Scripting...

CNN Travel.cnn.com XSS and Ads.cnn.com Open Redirect Web Security Vulnerabilities


Domain:
cnn.com


"The Cable News Network (CNN) is an American basic cable and satellite television channel that is owned by the Turner Broadcasting System division of Time Warner. The 24-hour cable news channel...

Green Life 的喜欢:

IT 计算机&信息网络 技术:

ESPN espn.go.com Login & Register Page XSS and Dest Redirect Privilege Escalation Web Security Vulnerabilities


Domain:
http://espn.go.com/


“ESPN (originally an acronym for Entertainment and Sports Programming Network) is a U.S.-based...

IT 计算机信息网络安全技术:

日常生活點滴的記錄:

测试想法:

Yahoo Yahoo.com Yahoo.co.jp Open Redirect (Unvalidated Redirects and Forwards) Web Security Bugs


Though Yahoo lists open redirect vulnerability on its bug bounty program. However, it seems Yahoo do not take this vulnerability seriously at all...

日常生活點滴的記錄:

IT 计算机信息网络安全技术:

Google DoubleClick.net (Advertising) System URL Redirection Vulnerabilities Could Be Used by Spammers


Although Google does not include Open Redirect vulnerabilities in its bug bounty program, its preventive measures against Open Redirect attacks have been...

行者路上有風有雨有彩虹:

IT 计算机&信息网络 技术:

Facebook Old Generated URLs Still Vulnerable to Open Redirect Attacks & A New Open Redirect Web Security Bugs

Domain:
http://www.facebook.com



"Facebook is an online social networking service headquartered in Menlo Park, California. Its website...

日常生活點滴的記錄:

琐事,日常之事:

IT 计算机信息网络安全技术:

Internet Users Threatened by New Serious Security Flaw, Covert Redirect


A serious flaw in two widely used security standards could give anyone access to your account information at Google, Microsoft, Facebook, Twitter and many other online...

Alibaba Taobao, AliExpress, Tmall, Online Electronic Shopping Website XSS & Open Redirect Security Vulnerabilities




Domains Basics:
Alibaba Taobao, AliExpress, Tmall are the top three online shopping websites belonging to Alibaba.

Vulnerability Discover:
Wang Jing, Division of Mathematical Sciences (

行者路上有風有雨有彩虹:

IT 计算机&信息网络 技术:

IT 计算机信息网络安全技术:

Continúan los problemas: OAuth y OpenID también son vulnerables


Un nuevo fallo de seguridad amenaza Internet. En este caso se trata de Covert Redirect y ha sido descubierto por un estudiante chino en Singapur...