Dig Security together: read, dig, comment, and advance security together.




Tag Cloud
XSS


1
digs
PayPal Really Safe?
submitted by wanghongyang 670 days ago (via surfasyouwish.com)
A security researcher has discovered a cross-site scripting vulnerability on paypal.com that would allow hackers to carry out highly plausible attacks and steal credentials from users.
 
1
digs
XSS, Cross Site Scripting Explained (animation)
submitted by wanghongyang 660 days ago (via virtualforge.de)
Illustrated explanation using the example of an online selling platform.
 
1
digs
Cookies and XSS
submitted by wanghongyang 654 days ago (via dontbehacked.com)
A detailed article on how to stay protected from XSS (cross-site scripting) attacks on cookies, which contain important information like passwords!
 
1
digs
Koubei XSS Trap
submitted by wanghongyang 652 days ago (via huaidan.org)
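Koubei (www.koubei.com) is a very popular Web 2.0 information-sharing site. Its reputation is indeed good, but its security is another matter. I just found two XSS traps that could easily set off an XSS worm. Koubei surely has more than these two XSS traps, but there is no need to probe for the others :)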
 
1
digs
Cross-Site Scripting (XSS) Attacks
submitted by wanghongyang 650 days ago (via mmublog.com)
XSS is a computer security weakness that affects web applications such as forums, guest books, social networks and e-mail applications. If XSS is found in an application, attackers can exploit it through input/output validation deficiencies in the web application, which give the attacker the ability to inject malicious code and execute it on other users' machines.
 
1
digs
Verisign, Symantec and McAfee all vulnerable to multiple XSS
submitted by wanghongyang 647 days ago (via xssed.com)
Multiple cross-site scripting vulnerabilities affecting the websites of Verisign, Symantec and McAfee can be used for phishing and to infect unsuspecting users with malware and crimeware. A few XSS flaws have remained unfixed for over a year!
 
1
digs
Hacker points thousands of sites to Porn!!
submitted by wanghongyang 645 days ago (via castlecops.com)
A post on the castlecops security list provides details that an attacker potentially compromised thousands of sites using a CSS/XSS vulnerability and pointed them all to a porn site! So the next time you search something on these sites, you might get an unexpected screen chock-a-block with porn :-D
 
1
digs
Preventing Cross Site Scripting (XSS)
submitted by wanghongyang 640 days ago (via securityninja.blogspot.com)
A paper that explains what cross-site scripting is, followed by examples of vulnerable code and the associated fixes.
 
1
digs
JavaScript Code Flow Manipulation: a real-world example
submitted by wanghongyang 637 days ago (via cgisecurity.com)
Exploiting a DOM-based XSS vulnerability in Adobe Flex 3 for fun and profit.
 
1
digs
Week of War on WAF’s: Day 1 — Top ten reasons to wait on WAF
submitted by wanghongyang 632 days ago (via tssci-security.com)
Top 10 Reasons to wait on Web Application Firewalls
 