Unsecured Microsoft Bing Server Exposed Users' Search Queries and Location

A back-end server associated with Microsoft Bing exposed sensitive data of the search engine's mobile application users, including search queries, device details, and GPS coordinates, among others. The logging database, however, doesn't include any personal details such as names or addresses. The...

Pornhub: Reflect XSS on Mobile Search page

The user was able to exploit the 'search' parameter being reflected in the page body in order to execute reflected XSS within the context of Redtube. Many of developer confuse that adding slashes at double quotes can protect the xss. However, At the DOM, Adding slashes is not protecting XSS...

Anonymous Search engine 'DuckDuckGo' Android app offers Tor integration

The world of mobile search is about to get a bit more anonymous. Thanks to the fears over government surveillance and corporate tracking, Anonymous Search Engine DuckDuckGo continues to break its own search records. DuckDuckGo Search & Stories - Android app deliver the same functionality as...

CVE-2012-1029

SQL injection vulnerability in mobile/search/index.php in Tube Ace Adult PHP Tube Script 1.6 allows remote attackers to execute arbitrary SQL commands via the q parameter. NOTE: some of these details are obtained from third party information...

Tube Ace (Adult PHP Tube Script) - SQL Injection

Tube Ace Adult PHP Tube Script - SQL Injection Exploit Title: Tube AceAdult PHP Tube Script SQL Injection Date: 05/02/2012 Author: Daniel Godoy Author Mail: DanielGodoyatGobiernoFederaldotcom Author Web: www.delincuentedigital.com.ar Software: Tube Ace http://www.tubeace.com Tested on: Linux Dork...