We created a list with a lot of resources that can help you to learn more about security vulnerabilities.
SOP/Origin bypassing/Cross-SOP Data Leaking
- JSON hijacking for the modern web
- Exploiting Insecure crossdomain.xml to Bypass Same Origin Policy
Insecure Direct Object References
- Using Burp to Test for Insecure Direct Object References
- Twitter Vulnerability Could Delete Credit Cards from Any Twitter Account
- This is a page with resources.