Cloud Security

Apple IAP security payment and prevention skills In the past two days, I have carefully considered several payment security issues during the preparation of our game APP purchases. Any issue involving payment is very sensitive, and it is

Analysis of vulnerabilities in Internet Explorer (CVE-2014-6350)0x00 Preface   This month, Microsoft fixed three sandbox bounce vulnerabilities in the IE enhanced protection mode, which were disclosed by me (the original author, the same below) in

IP. Board IP. Content module "cid" SQL Injection Vulnerability Released on: 2014-09-04Updated on: 2014-09-05 Affected Systems:Invisionpower IP. Content 2.3.6Description:-------------------------------------------------------------------------------

Apache OpenOffice Calc Command Injection Vulnerability (CVE-2014-3524) Release date:Updated on: Affected Systems:OpenOfficeUnaffected system:OpenOffice

Linux Kernel local security function Bypass Vulnerability (CVE-2014-5206) Release date:Updated on: Affected Systems:Linux kernelDescription:--------------------------------------------------------------------------------Bugtraq id: 69214CVE (CAN) ID:

Reexploit Remote Code Execution Vulnerability (CVE-2014-3165) after Google Chrome is released) Release date:Updated on: Affected Systems:Google Chrome

Mozilla Firefox/Thunderbird Multiple Memory Corruption Vulnerabilities (CVE-2014-1548) Release date:Updated on: Affected Systems:Mozilla Firefox 31Mozilla Thunderbird 31Description:---------------------------------------------------------------------

IBM Scale Out Network Attached Storage (SONAS) Information Leakage Vulnerability Release date:Updated on: Affected Systems:IBM Scale Out Network Attached Storage (SONAS)Description:-------------------------------------------------------------------

Release date:Updated on: Affected Systems:CURL 7.xDescription:--------------------------------------------------------------------------------Bugtraq id: 63776CVE (CAN) ID: CVE-2013-4545 CURL is a command line FILE transmission tool that supports

Release date:Updated on: Affected Systems:Adobe Digital Editions 2.0.1Description:--------------------------------------------------------------------------------Bugtraq id: 65091CVE (CAN) ID: CVE-2014-0494 Adobe Digital Editions is A software for

Release date:Updated on: Affected Systems:Sourceforge PCMan's FTP Server 2.07Description:--------------------------------------------------------------------------------Bugtraq id: 65299 PCMan's FTP Server is a simple and easy-to-use basic FTP

Ips bypass posture0x00 background Previously, wooyun often saw some bypass methods, such as the Anti-injection function of the bypass web program using the features of mysql, and the direct construction of bypass anti-injection regular expressions.

Email Security Guide for Entrepreneurs The impact of Sony Pictures being attacked by hackers is gradually presented to us. Therefore, we have noticed that business operation security is critical to any company. Whether you transmit valuable data or

Cloud storage service With its convenient and fast features, cloud storage service has been widely used by Internet users. According to Xinhuanet data, as of March this year, the number of personal cloud users in China has exceeded 0.351 billion.

A Markdown Parser for persistent XSS Vulnerability (CVE-2014-5144) What is Markdown? Markdown is a lightweight markup language. The popularity of Markdown has been widely supported by GitHub and Stack Overflow. as an ordinary person, we can also get

A complete security test on the ICKey component search platform (discovering many security risks) and Solutions A complete penetration test of ickey. Attackers can obtain the main site shell and affect the Intranet and all database

Dongle SQL Injection Protection Policy Bypass Vulnerability   Dongle Bypass Vulnerability: attackers can bypass a character directly. In some special cases, they must be used with annotator.Core character used for bypass: % 0A, which must be used

EYou email system email body storage type XSS In the past, the old version has never had any defense against XSS, so it is boring. An eyou mailbox has recently been upgraded to eyou5. We found that the new version began to filter XSS and tested it.

Leakage of PLC Ethernet modules of Mitsubishi Q Series added to the Energy Management System of Japan's North Ocean University For the safety analysis of the Mitsubishi Q series PLC, refer to the previous article. This is a real case of the control

Summary of PHP development security issuesPhp provides developers with great flexibility, but it also brings potential risks to security issues. We need to summarize the previous problems in the near future, here, I would like to summarize some of