This document discusses various server-side technologies used in mobile applications such as SQL, SOAP, REST, JSON, and vulnerabilities associated with them. It covers attacks against XML-based web services like XML injection and entity expansion. Authentication methods like OAuth and issues around credential storage on mobile devices are explained. The document provides details of the different OAuth grant types and threats related to OAuth like lack of TLS enforcement, CSRF attacks, improper storage of sensitive data, and overly scoped access tokens.