Tag: Cross Site Scripting

eBay And Member Security Still Does Not Compute

9:40 AM
eBay And Member Security

Another dangerous eBay security vulnerability was recently discovered by researchers. This allows fraudsters using a highly advanced coding technique known as JSfuck, to install malware on unsuspecting members smartphones. We have been observing eBay security vulnerabilities back as far as 2004, examples are Here Here and Here. Why they allow this sloppy security is anyone’s best […]

{ Add a Comment }

Is eBay Trying To Shoot The Messenger Again

6:59 PM
This Website Supports Freedom Of Information

Had some severely degraded server performance that started Saturday around noon. “Images that normally loaded lightning fast were loading at what looked like an old 300 baud modem speed. Trying to download a recent backup file was impossible as it was so slow it timed out.” Come Sunday it was still degraded. So i put […]

{ 7 Comments }

10 Years Watching eBay Car Scams & Auction Fraud

9:31 AM
Medved eBay Auction Chart 03/05/2007

Summary of 10 years watching eBay Auction Fraud and Used Car Scams. Buyers and Sellers were conned out of their money by slick talking fraudsters and bad sellers. These observations destroyed buyer and seller trust and well established community values. It is Doc’s belief, had Meg Whitman taken a stand against fraud and misrepresentation back […]

{ 7 Comments }

JavaScript XSS Cross Site Scripting Redirect Caught On Screen Video

10:24 AM
eBay XSS Redirect Scam Video 01/20/2014

Watch as this scam listing and 2 others uses an uncorrected XSS Cross Site Scripting Vulnerability and whisks me off to a hacked website. Phishing Fraud and Identity Theft can then occur! Fraudsters hack a website and create a directory just above it’s public root. They then upload their scripts and images etc. Then plant their sucker […]

{ 1 Comment }

eBay Suspected Phishing Car Scams 06/21/2013

9:06 AM
eBay XSS Redirect Security Vulnerability

These used trucks up for auction on eBay Motors are too good to be true used vehicle deals. Your money will be stolen in the blink of an eye if you swallow the fraudsters sucker bait. We start out with this 2010 Audi A5 2.0L Quattro that just smells phishey (251293192571). Next is this 2006 […]

{ Add a Comment }

StupidToy99: eBay Customer Service Failure

7:50 PM
Forum Shill AKA Sock Puppet

StupidToy99, I sincerely feel sorry for your loss. Unfortunately you are not the only one that has become a victim of, In my personal opinion, eBay’s sloppy unsecured system. Rarely has there been a day that Google’s safe browsing report has not found some form of Malware or Exploit on eBay.com. Complaining on eBay’s forums […]

{ Add a Comment }

BestAtvStore.com XSS Cross Site Scripting Fraud

1:34 PM
best atv store fraud video

This poster on eBay’s Motors Forums claimed he was redirected to www.bestatvstore.com after clicking on an eBay internal link. That sounds like another eBay XSS Redirect that has been uncorrected for many years. Hey John Bodine.. Why don’t you post in one of your eBay forums “we heard you and have fixed that redirect vulnerability.” […]

{ 5 Comments }