Tag Archives: jing wang

CXSecurity WLB-2015040034 6kbbs v8.0 Multiple CSRF (Cross-Site Request Forgery) Web Security Vulnerabilities

  CXSecurity WLB-2015040034 6kbbs v8.0 Multiple CSRF (Cross-Site Request Forgery) Web Security Vulnerabilities   Exploit Title: 6kbbs Multiple CSRF (Cross-Site Request Forgery) Security Vulnerabilities Vendor: 6kbbs Product: 6kbbs Vulnerable Versions: v7.1 v8.0 Tested Version: v7.1 v8.0 Advisory Publication: April 02, … Continue reading

Posted in CSRF, CXSecurity, Web Application | Tagged , , , , , , , , , , , , , , , , , , , | Leave a comment

6kbbs v8.0 Weak Encryption Cryptography Security Vulnerabilities

  6kbbs v8.0 Weak Encryption Cryptography Security Vulnerabilities   Exploit Title: 6kbbs Weak Encryption Web Security Vulnerabilities Vendor: 6kbbs Product: 6kbbs Vulnerable Versions: v7.1 v8.0 Tested Version: v7.1 v8.0 Advisory Publication: June 08, 2015 Latest Update: June 10, 2015 Vulnerability … Continue reading

Posted in 0Day, Weak Encryption, Web Application Technology | Tagged , , , , , , , , , , , , , , , , | Leave a comment

About Group (about.com) All Topics (At least 99.88% links) Vulnerable to XSS & Iframe Injection Security Attacks, About.com Open Redirect Web Security Vulnerabilities

About Group (about.com) All Topics (At least 99.88% links) Vulnerable to XSS & Iframe Injection Security Attacks, About.com Open Redirect Security Vulnerabilities   Vulnerability Description: About.com all “topic sites” are vulnerable to XSS (Cross-Site Scripting) and Iframe Injection (Cross Frame … Continue reading

Posted in Computer Technology, Open Redirect, XFS, XSS | Tagged , , , , , , , , , , , , , , | Leave a comment

Alibaba Taobao, AliExpress, Tmall, Online Electronic Shopping Website XSS & Open Redirect Security Vulnerabilities

Alibaba Taobao, AliExpress, Tmall, Online Electronic Shopping Website XSS & Open Redirect Security Vulnerabilities Domains Basics: Alibaba Taobao, AliExpress, Tmall are the top three online shopping websites belonging to Alibaba. Vulnerability Discover: Jing Wang, Division of Mathematical Sciences (MAS), School … Continue reading

Posted in IT Technology, Open Redirect, Spam, XSS | Tagged , , , , , , , , , , , , , , , , | Leave a comment

एक अन्य Heartbleed?वेब सुरक्षा में पाया दोषों, Covert Redirect

Originally posted on INZEED Business Information & Counsel:
एक अन्य Heartbleed?वेब सुरक्षा में पाया दोषों, Covert Redirect इंटरनेट अब भी Heartbleed बग से जूझ रहा है, जबकि सुरक्षा प्रोटोकॉल OAuth 2.0 और OpenID में एक प्रमुख नए भेद्यता खोज की गई है. सिंगापुर में नानयांग प्रौद्योगिकी विश्वविद्यालय की पीएचडी की छात्रा वांग जिंग हैकर्स उपयोगकर्ताओं को जानने के बिना प्रवेश जानकारी चोरी करने की कोशिश में फ़िशिंग तकनीक का उपयोग करने की अनुमति देता है कि एक बग देखा. बग अनिवार्य रूप से साइबर अपराधी के बजाय डोमेन faking के अधिक आम रणनीति का एक फ़िशिंग पॉपअप सत्ता में असली वेबसाइट प्रमाणीकरण का उपयोग करने की अनुमति देता है.इस प्रक्रिया में, हैकर्स उपयोगकर्ता के लॉगिन क्रेडेंशियल प्राप्त होगा. http://essayjeans.lofter.com/post/1cc7459a_43bf99e

Posted in Computer & Web Technology, Web Technology | Tagged , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , | Leave a comment

Сингапурский студент обнаружил серьезную уязвимость в OAuth и OpenID

OAuth и OpenID — очень популярные протоколы, которые совместно используются для авторизации и аутентификации. Приложение OAuth генерирует токены для клиентов, а OpenID предоставляет возможность децентрализованной аутентификации на сторонних сайтах, раскрывая персональные данные пользователей. Студент Ван Цзин (Wang Jing) с факультета … Continue reading

Posted in Computer & Web Technology, Web Technology | Tagged , , , , , , , , , , , , , , , , , , , , , , , , , , , , | Leave a comment