Cloud Security

GNU gettext "get_string ()" Integer Overflow Vulnerability Release date: 2014-12-02Updated on: 2014-6 6 Affected Systems:GNU gettext 0.19.3Description:Gettext is used for system internationalization (I18N) and localization (L10N ). GNU gettext 0.1

Joomla Akeeba Kickstart deserialization Remote Code Execution Vulnerability Release date:Updated on: Affected Systems:Joomla! AkeebaDescription:CVE (CAN) ID: CVE-2014-7228 Joomla Akeeba is in charge of Joomla! The updated component. Joomla!

Shellshock vulnerability analysis from the perspective of Syntax Parsing [CVE-2014-6271] Document Description This time, we will take a look at Bash syntax rules through poc analysis, and help you better understand bash and shellshock

Bash security vulnerabilities are more serious than heartbleed attacks. RedHat finds a computer software system vulnerability named Shellshock (or Bash Bug), which is no less serious than the "heartbleed" vulnerability in OpenSSL software. It is

Multiple HTML injection vulnerabilities in TP-LINK TL-WR841N Routers Release date:Updated on: Affected Systems:TP-LINK TL-WR841N 3.13.9 Build 120201 Rel.54965nDescription:-------------------------------------------------------------------------------

HTC Products Wi-Fi credential leakage Vulnerability Release date:Updated on: Affected Systems:HTC Desire HDHTC Desire SHTC Droid IncredibleHtc evo 3DHTC ThunderboltDescription:------------------------------------------------------------------------

PhpMyAdmin view name Cross-Site Scripting Vulnerability Release date:Updated on: Affected Systems:PhpMyAdmin 4.xDescription:--------------------------------------------------------------------------------Bugtraq id: 69269CVE (CAN) ID:

Multiple Ruby dragonfly Gem Remote Command Execution Vulnerabilities Release date:Updated on: Affected Systems:Dragonfly 1.0.5Description:--------------------------------------------------------------------------------Bugtraq id: 69395 Dragonfly

OpenStack Keystone domain-range token revocation failure Security Restriction Bypass Vulnerability Release date:Updated on: Affected Systems:Openstack KeystoneDescription:-----------------------------------------------------------------------------

Apache HTTP Server 'mod _ cache' Remote Denial of Service Vulnerability Release date:Updated on: Affected Systems:Apache Group HTTP Server 2.4.6Description:--------------------------------------------------------------------------------Bugtraq id: 68

Metasploit penetration testing of Ubuntu 12.04 (1) This article is mainly about entertaining exercises. Share the Attack Details, including some script files from various sources modified by the original author. The Penetration Process is not the

Pfsense HA (high availability cluster)0x00 Preface Some time ago, the company's firewall physical machine crashed, causing the company's network paralysis. My company's websites are inaccessible, so I thought of studying this Pfsense HA. The

Interpreting Android penetration artifact DroidSheep to view ARP spoofing attacks About DroidSheep  DroidSheepIt is a security testing tool on the Android platform and can be used for security testing such as web session hijacking. It can listen to

The TCL vulnerability package can successfully enter the Intranet. #1. Injection   Http://battery.tcl.com/read_news.php? Http://lighting.tcl.com/cn/about.aspx? Id = 69 http://ehr.tcl.com/ehr POST injection http://magazine.tcl.com/manager/login.aspx

Trying to hack Redis via HTTP requests0x00 Preface The article was translated. Some modifications were made during the translation process and some additional things were added. If you are interested, you can directly read the original text. The

What should I do if my computer is poisoned? Many netizens in the red/Black alliance are concerned about computer viruses. Maybe many of their friends are new to computers and do not know much about computer viruses. At present, there are too many

Two SQL injection points for a general enterprise website construction system Rookie enterprise website system PHP version is a simple and easy-to-use PHP enterprise website system for secondary development. Mysql and Access databases are available

Cmseasy latest version of stored XSS (xss protection mechanism can be bypassed) #2 Html is a very interesting language .. The xss code in the bbs posting area of cmseasy performs a complete filtering of the html code in <>.  function xss_clean($data)

Open-source Web Application Development Tool WebBuilder Arbitrary File Reading and repair Open-source Web Application Development Tool WebBuilder has the Arbitrary File Reading Vulnerability, which can leak key information such as server and

SQL Injection Online Detection (sqlmapapi)A previous penetration engineer asked me about sqlmapapi. what is py? I guess a lot of people have played sqlmap, but I think there should be fewer sqlmapapi games. Today, let's take a look at how to use it