This papers discusses a new way to attack Android applications for bypassing password authentication.
4132d9e71ac1fd9c393ea9bc250f95b0a17cdfbbd0646e28fbc5128e126e40e9
Android suffers from multiple cross site scripting, cross domain, auto file download and cross protocol vulnerabilities.
a1d1a21cef752ac336635608065950185fee872c9f2986f93039600444e3c1ab
The Firebug Firefox extension suffers from a cross context scripting vulnerability.
8b9d74df1146cc3c8cc29de6c53dfa27f17feb862653756059475ab41d02a517
sea.ebay.com suffers from a cross site scripting vulnerability.
8c25ef99cab97f199e2833444847b4df2be05dfb7bbe6a5ea3c29bd1e05e4290
tudou.com suffers from a UTF7-BOM cross site scripting vulnerability.
77f0d0d5cee1f1942628632a5418bf0a7ee03fa31382d631e811d6018223f820
Microsoft Internet Explorer suffers from a MHTML protocol handler cross site scripting vulnerability.
160d145b3bfc93edecbe246e18822b9903984206681fb0c6ec6c3e7f1a4ed245
Write-up called Hacking with MHTML protocol handler. This discusses cross site scripting via uploading a mhtml file, cross site scripting via mthml-file string injection, bypassing X-Frame-Options, an Adobe Reader cross site scripting issue, and more.
e066afaa1cdd9d529b445023c4567bd6a1940243795411121723e91f3d01bde5
Gmail JSON hijacking proof of concept exploit.
e29da0ce5d93b75b7ab2abf0e1ff62828137d9490550d776944f2ff038620363
Microsoft Internet Explorer 8 suffers from a CSS cross-domain information disclosure vulnerability.
2a8dfd52220f78635a0faf5930687642174313682c3a87ca8fabf1bf45c9145f
Zend Studio versions greater than 6.0 suffer from a cross zone command execution vulnerability.
dcb8f11047b1fe35c0a94286360c5b2a1f0a1991270aefd13a78be5596f2c207
Internet Explorer versions 7 and 8 suffer from some cross site scripting vulnerabilities.
01ff72adae6badc1a3d1922ad2173c94909448ac7e44cd9cf0c60e99b5710c16
PHP suffers from a mb_ereg(i)_replace() evaluate replacement string vulnerability.
2ffb3d5ca2fd54a119f20ce701a5ac605ced35c7510645ef6777f01a6cec8829
Discuz! versions 6.x and 7.x remote code execution exploit.
d1d95a78a88cf219026eae5595d35023fdc55e313f2101bd8a25ec0af146f7de