CUPS Detection
CSRFing the uTorrent plugin
Clickjacking / Videojacking
Bypassing URL Authentication and Authorization with HTTP Verb Tampering
I used to know what you watched, on YouTube (CSRF + Crossdomain.xml)
Safari Carpet Bomb
Flash clipboard Hijack
Flash Internet Explorer security model bug
Frame Injection Fun
Free MacWorld Platinum Pass? Yes in 2008!
Diminutive Worm, 161 byte Web Worm
SNMP XSS Attack (1)
Res Timing File Enumeration Without JavaScript in IE0
Stealing Basic Auth with Persistent XSS
Smuggling SMTP through open HTTP proxies
Collecting Lots of Free 'Micro-Deposits'
Using your browser URL history to estimate gender
Cross-site File Upload Attacks
Same Origin Bypassing Using Image Dimensions
HTTP Proxies Bypass Firewalls
Join a Religion Via CSRF
Cross-domain leaks of site logins via Authenticated CSS
JavaScript Global Namespace Pollution
GIFAR
HTML/CSS Injections - Primitive Malicious Code
Hacking Intranets Through Web Interfaces
Cookie Path Traversal
Racing to downgrade users to cookie-less authentication
MySQL and SQL Column Truncation Vulnerabilities
Building Subversive File Sharing With Client Side Applications
Firefox XML injection into parse of remote XML
Firefox cross-domain information theft (simple text strings, some CSV)
Firefox 2 and WebKit nightly cross-domain image theft
Browser's Ghost Busters
Exploiting XSS vulnerabilities on cookies
Breaking Google Gears' Cross-Origin Communication Model
Flash Parameter Injection
Cross Environment Hopping
Exploiting Logged Out XSS Vulnerabilities
Exploiting CSRF Protected XSS
ActiveX Repurposing, (1, 2)
Tunneling tcp over http over sql-injection
Arbitrary TCP over uploaded pages
Local DoS on CUPS to a remote exploit via specially-crafted webpage (1)
JavaScript Code Flow Manipulation
Common localhost dns misconfiguration can lead to "same site" scripting
Pulling system32 out over blind SQL Injection
Dialog Spoofing - Firefox Basic Authentication
Skype cross-zone scripting vulnerability
Safari pwns Internet Explorer
IE "Print Table of Links" Cross-Zone Scripting Vulnerability
A different Opera
Abusing HTML 5 Structured Client-side Storage
SSID Script Injection
DHCP Script Injection
File Download Injection
Navigation Hijacking (Frame/Tab Injection Attacks)
UPnP Hacking via Flash
Total surveillance made easy with VoIP phone
Social Networks Evil Twin Attacks
Recursive File Include DoS
Multi-pass filters bypass
Session Extending
Code Execution via XSS (1)
Redirector's hell
Persistent SQL Injection
JSON Hijacking with UTF-7
SQL Smuggling
Abusing PHP Sockets (1, 2)
CSRF on Novell GroupWise WebAccess