r0rshark Blog

Computer security thoughts and bug hunting advice

Stealing OAuth tokens in Microsoft Web applications

An overly broad redirect_uri parameter in the OAuth process allows an attacker to leak the Facebook OAuth token and steal the user's private information

Written By
Lorenzo Fontana

Getting a shell on a Google Acquisition

A forgotten WordPress blog could be exploited to get remote command execution on an Adometry by Google server

Written By
Lorenzo Fontana

Making you sell what I want: Story of an eBay XSS

A reflected XSS vulnerability could be leveraged to make the victim sell unwanted items

Written By
Lorenzo Fontana