Cloud Security

BitTorrent remote code execution vulnerability in CVE-2014-8515) Release date:Updated on: Affected Systems:BitTorrentDescription:Bugtraq id: 71630CVE (CAN) ID: CVE-2014-8515 BitTorent is a content delivery protocol that uses an efficient software

FFmpeg 'libavcodec/rawdec. c' cross-border Denial of Service Vulnerability Release date:Updated on: Affected Systems:FFmpeg 2.xDescription:Bugtraq id: 71618CVE (CAN) ID: CVE-2014-9318 FFmpeg is a free software that allows you to perform video,

BMC Track-It! Information Leakage Vulnerability (CVE-2014-8270) Release date:Updated on: Affected Systems:BMC Track-It! 11.3Description:Bugtraq id: 71626CVE (CAN) ID: CVE-2014-8270 BMC Track-It! Is an integrated IT help desktop and asset

Linux Kernel 'kernel/kvm. c' local information leakage Vulnerability Release date:Updated on: Affected Systems:Linux kernelDescription:Bugtraq id: 71650CVE (CAN) ID: CVE-2014-8134 Linux Kernel is the Kernel of the Linux operating system. The

Intrexx Arbitrary File Upload Vulnerability (CVE-2014-2025) Release date:Updated on: Affected Systems:Intrexx Professional 6.0Intrexx Professional 5.2Description:Bugtraq id: 71672CVE (CAN) ID: CVE-2014-2025 Intrexx is an integrated cross-platform

For more information, see cracking Oracle Database passwords . I. Summary The main purpose of this article is to share the decryption method to attract the attention of relevant people on network security. Database security is not only the security

Android Hacking Part 4: unexpected information leakage (edge channel information leakage) We will discuss unexpected information leaks, that is, the so-called "edge channel information leakage" that I often mention ". What is unexpected information

Cross-signature certificate vulnerability in Android system can cause system crash Overview Trend Micro discovered a vulnerability affecting cross-signature certificate processing in Android. The current Android version does not properly process

Changing the network security situation: why not find the next-generation firewall? The next generation firewall provides many new features, but how to add the next generation firewall to the security product components is worth considering ......  

A bloody case caused by an injection (viemon routes store the customer's radius Information) An injection is found under the sub-station. http://help.wayos.cn//detail.php?hp_id=51%20and%201=2%20union%20select%201,concat%28user%28%29,0x20,database%28%

TIPS: get a database of a Baidu Forum (millions of users) TIPS: get a database of a Baidu Forum Http://bbs. OS .baidu.com/forum.phpBaidu cloud OS ForumHttp://bbs. OS .baidu.com/uc_server/ ucserver has set access restrictionsHowever, based on the uc

Discuz! A unified csrf + SQL batch execution risk (dz3.x, dz7.x, SupeSite7.x, etc.) exists in its products) Discuz! The product has a single SQL batch execution risk (dz3.x, dz7.x, SupeSite7.x, and so on) When I checked the SupeSite7.x product of dz

An interface defect of Ctrip can hit the database (some data has been tested) and SMS bombing Interface 1. the login interface is not protected, resulting in credential stuffing. A large number of user passwords can be guessed.Interface 2. SMS

An open-source CMS bypass filtering XSS blind hitting + getshell For the latest version 1.8, first follow/comment. php:   If ($ action = "save") {$ msgtitle = $ _ POST ["msgtitle"]; $ msgname = $ _ POST ["msgname"]; $ msgcontact = $ _ POST

Multiple SQL injection and XSS (GetShell) on one or two platforms of China Unicom)I don't know how much the impact will be on multiple SQL + upload + shell + root databases on one or two platforms of China Unicom. There are 11 databases, the current

Problems caused by exposure of new APP background (leakage of user coordinates and other information) The new APP background is exposed .... Various .... This APP is wow.Background address: http://wasai.yy.com/admin/

Mango cloud KODExlporer Information Leakage + arbitrary command execution getshell (1) First, a piece of information is exposed, and your absolute path is leaked... I also read files one by one. In controller \ app. class. php  public function index(

Blind injection of mop sub-station MySQL (with python script) Mop sub-station MySQL blind Injection Injection point:  POST http://51auto.mop.com/hclist_/Family=aaa'+(select(0)from(select(sleep(10)))v)+'bbb&file1=1&happyUserId=- The Family parameter

MySQL blind note of focus real estate substation [2] (with python script) Another sub-station of focus real estate MySQL blind note (with the python script)I forgot to mention that MySQL injection mentioned in the previous vulnerability exists in

PHPB2B injection #1 (bypass filtering) PHPB2B injection #1 somewhere. Bypass filtering.Latest official version. https://github.com/ulinke/phpb2b/archive/master.zipVulnerability files. Virtual-office/company. php POST/phpb2b/virtual-office/company.