Bilibili rsync access control error causes data leakage
An rsync service does not have proper access control, which allows its files to be accessed.
rsync 121.52.243.4: websync
drwxr-xr-x 4096 09:53:57 .
-rw-r -- 317 11:54:39 createKey
-rwxr-xr-x 86 20:18:07
Redmine git_http_controller.rb Arbitrary Command Execution Vulnerability
Release date:
Updated on:
Affected Systems: Redmine
Description:
CVE (CAN) ID: CVE-2013-4663
Redmine is a web-based project management software developed using Ruby and a
Linux Kernel 'keys/gc.c' Local Memory Corruption Vulnerability
Release date:
Updated on:
Affected Systems: Linux kernel
Description:
Bugtraq id: 71880
CVE (CAN) ID: CVE-2014-9529
Linux Kernel is the Kernel of the Linux operating system.
Linux kernel
Huawei Tecal RH Series Security Vulnerability
Release date:
Updated on:
Affected Systems: Huawei Tecal RH Series
Description:
Huawei Tecal RH Series is a rack server product.
An error occurs when the Huawei Tecal RH series processes the length of the
Umbraco CMS TemplateService component update Function Arbitrary Code Execution Vulnerability
Release date:
Updated on:
Affected Systems: Umbraco CMS
Description:
CVE (CAN) ID: CVE-2013-4793
Umbraco is an open source CMS Content Management system. It is
libssh 'kex.c' Double Free Denial of Service Vulnerability
Release date:
Updated on:
Affected Systems: Libssh Libssh 0.5.x
Description:
Bugtraq id: 71865
CVE (CAN) ID: CVE-2014-8132
Libssh is a C language development kit used to access the SSH
Multiple GnuPG Memory Corruption Vulnerabilities
Release date:
Updated on:
Affected Systems: GnuPG Gnupg2 2.0.26
Description:
Gnupg2 is a GNU encryption program.
Gnupg2 2.0.26 and earlier versions have multiple security vulnerabilities. Malicious users
OpenSSL patch released to fix eight detected security vulnerabilities
OpenSSL has released new patch versions 1.0.1k, 1.0.0p, and 0.9.8zd to fix eight recently discovered OpenSSL security vulnerabilities.
Openssl-1.0.1k.tar.gz
Getshell on a Sina Server
On a server of Sina, the Forum information is displayed as a plug-in Forum of Sina SHOW, But you can understand Mao in Section C of Sina.
http://123.103.108.50/uc_server
Corresponding domain name is
KPPW latest SQL injection vulnerability 9 (large-area injection caused by global problems)
The latest SQL injection vulnerability in KPPW is also a large-scale injection vulnerability caused by global problems. It is stated that the vulnerability is
Unauthorized addition, modification, and deletion of arbitrary users (including super administrators) in the Web Console of Kingsoft enterprise terminal protection and Optimization System
Unauthorized addition, modification, and deletion of any
Adversarial ROBOT: Build a WAF that combines front and back ends
We have introduced some man-in-the-middle attack solutions that combine front and back ends. Due to the particularity of Web programs, the participation of front-end scripts can
KPPW latest SQL injection vulnerability 6 (multiple blind injection scripts)
SQL injection vulnerability 6 in the latest version of KPPW. There are too many vulnerabilities. It must have been a lazy program with no security awareness, resulting in multiple
A problem left by Haier leads to access to the primary store of the mall and Solutions
Leakage of mall users and order libraries can be caused by a legacy problem of Haier accessing the Intranet and weak Intranet
PHPOK combined with CSRF (GET type)-GETSHELL
PHPOK does a good job of input filtering, and addslashes escaping is applied to all input parameters. addslashes does not provide security protection in some scenarios. Here we use PHPOK to give an
A hitao system may cause leakage of tens of millions of user data.
User data includes: Order No. (order_id)/Total order amount (final_amount)/payment status (pay_status)/order time (createtime)/member username (member_id)/shipping region/login IP/
SSRF (with verification script)
SSRF is located:
http://tuanbai.baidu.com/apiCheckv1/?url=http://10.42.7.78
HTTP Status 200, will return
Retrieving data from the API does not conform to our specified XML