Cloud Security

Use JavaScript scripts to defend against DDOS attacks Next, I continued to use JavaScript scripts to defend against DDOS attacks.Vs v2The previous tricks are purely entertaining and cannot last long.But it is simple and fun. It seems that this is

Apple OS X Local Elevation of Privilege (CVE-2016-1743)Apple OS X Local Elevation of Privilege (CVE-2016-1743) Release date:Updated on:Affected Systems: Apple OS X Apple OS X Description: CVE (CAN) ID: CVE-2016-1743OS X is a pre-installed

Multiple Cross-Site Scripting Vulnerabilities in phpMyAdmin (CVE-2016-2043)Multiple Cross-Site Scripting Vulnerabilities in phpMyAdmin (CVE-2016-2043) Release date:Updated on:Affected Systems: PhpMyAdmin 4.5.4> 4.5.xPhpMyAdmin 4.4.15.3> 4.4.x

Wireshark X.509AF parser DoS Vulnerability (CVE-2016-2524)Wireshark X.509AF parser DoS Vulnerability (CVE-2016-2524) Release date:Updated on:Affected Systems: Wireshark Wireshark 2.0.x Description: CVE (CAN) ID: CVE-2016-2524Wireshark is the most

PhpMyAdmin full path leakage Vulnerability (CVE-2016-2044)PhpMyAdmin full path leakage Vulnerability (CVE-2016-2044) Release date:Updated on:Affected Systems: PhpMyAdmin 4.5.4> 4.5.x Description: CVE (CAN) ID: CVE-2016-2044Phpmyadmin is an

How to set the access permission for shared files on the LAN and record the access logs of shared files on the LANCurrently, many local networks have file servers, which usually share files for access by LAN users. However, to protect the security

A vulnerability in the GPS Positioning System of Ping An can leak a large amount of information (user information/order information/real-time vehicle location) Detailed description: Http://gps.lnwin.com/ Account: testPassword 123456 After

Oracle out-of-band release for Java SE Vulnerability Analysis (CVE-2016-0636)0 × 00 vulnerability Overview Vulnerability No.: CVE-2016-0636, a variant of the Vulnerability (CVE-2013-5838) that Adam Gowdiak reported to Oracle on 2013. Oracle has not

P2P financial security-friendly loan management APP operation management system + weak mysql password RT   URL：http://180.76.135.96 Weak Password: admin  Pleasant loan and wealth management APP Operation Management SystemWeak mysql password: root 12

Weak Password of Didi taxi OA system can cause internal information leakage and password change is required Morality often leads to flaws in wisdom. However, wisdom always fills in gaps in morality. At first, I ran the domain name and found that OA

Crowdfunding order details page user information can be traversed and leaked The crowdfunding order details page does not have permission to view. According to the order rules, N user information is

Coda video surveillance system mysql database weak password (involving all devices of China People's property insurance Suzhou Branch) China People's Property Insurance Limited by share Ltd Suzhou Branch-Corda video surveillance system mysql

Quick enough for a cloud database to leak sensitive information to servers/tokens/database passwords (affecting 1.69 million enterprise user data) Quick enough for a cloud database to leak sensitive information to servers/tokens/database passwords

DLL injection posture (2): CreateRemoteThread And More There is actually a lot of content about this series, and the examples provided are all self-compiled source code, there are also related articles in the Open security and Infosec Institute. Of

Unauthorized access to jmx-console of a project in Digital China (Getshell/Technical Document leakage/ftp data leakage/sensitive data of multiple project systems) RtThis system should be the CTAIS Project Development System of China's tax

Webpage version link sharing Vulnerability (for example, forging ELE. Me red packet Phishing) Use the web terminal to Modify text-and-text link messages (such as ELE. Me red packet messages), and then send them out. After testing, you can modify the

A motor vehicle driver system in a city in Zhejiang Province (involving a large amount of sensitive information/detailed information of drivers throughout the city/a large amount of assessment data) **. **. **. **/Pages/jsp/sys/login. jsp: the

China Telecom Jiangxi main site can be accessed by getshell over waf Verify getshell Address: http ://**. **. **. **/res/active/4G/upload. jsp (login required) Upload Vulnerability is also installed with security software, so I killed all my

Diyou P2P stock-taking system file design defects can be injected (arbitrary login/password change) Such as question Modules \ ucenter \ api \ uc. php appears on the uc interface file Error_reporting (7); define ('uc _ CLIENT_ROOT ', DISCUZ_ROOT. '.

The SQL injection vulnerability exists in the APP on the website (where to find the database accidentally) Web app SQL InjectionDetailed description: Target: APP on the official website of chinan.comCheck that SQL Injection exists in the following