Earlier I updated readers with latest vulnerabilities that were found on IndiaTimes and ASK.com by a Pakistani security researcher Danish Tariq, this time he is back with couple of more vulnerabilities.
Danish claims to have found critical cross site scripting vulnerability (XSS) on Brazzers.com, leaving the paid customer to loose thousands of dollars in few seconds. Brazzers.com is known for its explicit content all over the world.
Other then that, the researcher claims to have found more critical cross site scripting vulnerabilities (XSS) on other websites like the official site of Toyota Motors France, Ford Germany and BMW Italy.
Screenshot of Toyota France ( www.toyota.fr) website showing the vulnerability:
Screenshot of Ford Germany (www.ford.de) website showing the vulnerability:
Screenshot of BMW Italy (www.bmw.it) website showing the vulnerability:
Danish claims that vulnerabilities are critical and can be further exploited to access the private information of users.
BMW Italy has responded Danish in a positive manner on the issue, however, other three sites didn’t replied for now.