Cloud Security

2345 remote code execution may be caused by browser design defects Simple and violent. 20rank has no sense of violation. 2345 update the browser to the latest version:  The current 2345 browser still allows javascript: // pseudo protocol to define

Chiyu Fingerprint Access Control Device vulnerabilities (CVE-2015-2871)Chiyu Fingerprint Access Control Device vulnerabilities (CVE-2015-2871) Release date:Updated on:Affected Systems: Chiyu Technology BF-660C Description: CVE (CAN) ID: CVE-201

OpenSSH brute force cracking VulnerabilityOpenSSH brute force cracking Vulnerability Release date:Updated on:Affected Systems: OpenSSH Description: OpenSSH is a free open-source implementation of the SSH (Secure SHell) protocol. The SSH

PHP 'Incomplete _ class. c' Memory Corruption Vulnerability (CVE-2015-4602)PHP 'Incomplete _ class. c' Memory Corruption Vulnerability (CVE-2015-4602) Release date:Updated on:Affected Systems: PHP PHP PHP Description: Bugtraq id: 75249CVE

Hacker Team RCSAndroid Trojan   Android device caution: versions 4.0-4.3 can be handled by RCSAndroid. Remote Control Trojan RCSAndroid on Android is currently one of the most professional and complex malicious programs exposed in Android. Since

The SQL injection of a website in the chain home is not fixed, so getshell can penetrate through the Intranet. Getshell is caused by unrepaired SQL Injection on a website in the chain home, which can penetrate into the Intranet. A large number of

A vulnerability has fallen into eight business systems of Beijing chain home real estate brokerage Co., Ltd. Http://tc.homelink.com.cn/Login.aspxLogin logic vulnerability exists, causing the administrator password to leak. This entry is routed to

Web security under NodeJs Web security is a topic that we must pay attention to and cannot escape. This article introduces various common Web attack techniques and solutions, especially for Node. security is even more important for js, a new

Code execution and MySQL injection vulnerability on Renren's main site Code execution and MySQL injection vulnerability on Renren's main site Code Execution Http://www.renrentou.com/project/list/status/%24%7b%40phpinfo () % 7d/sort/1/trade/0/p/2SQL

Python security coding and code Auditing 1 PrefaceCurrently, the general web development framework security has been quite good. For example, django is commonly used, but some nonstandard development methods will still cause some common security

Eight functions to enhance PHP program Security Security is an important aspect of programming. In any programming language, many functions or modules are provided to ensure program security. In modern website applications, users from all over the

Search for a substation full-site source code leakage (database information leakage) Http://ads.zhongsou.com/.svn/entries can use svn source code leakage tool to view the full site source code   Database Configuration File Location:  Database

Auspicious life arbitrary mobile phone number registration and password Modification Vulnerability 1: register any mobile phone number and click "register". Enter your mobile phone number and the SMS verification code you receive.Click capture when

Severe logical vulnerabilities in p2p financial security Kingletter Network (http://www.jinxin99.cn) in the p2p financial industry seems to be the top 50, password retrieval function has design defects, resulting in the reset of any user password. 1

Yilong loan User Password Change Vulnerability (logical vulnerability not cracked) On the official website of Yilong loan, there is a random user password change vulnerability when retrieving the password. Step 1: retrieve the password, click

Superstar education's SQL Injection across multiple databases to leak a large amount of data Avengers 2 tells a story about how a local programmer who is overconfident and writes a bug program to work overtime to fix the vulnerability. Also known as:

Win the Ministry of Justice of China F through bypass penetration First, I checked the website and did not see what programs were written, nor did I find it worth exploring. So I noticed it. Soon, I got a shell from the station. This means that the

Multiple SQL Injection millions of orders leaked at the main site of AVIC Tesco POST/NewEdition/ServeWall/PlateServeWallNew. aspx? 0.7027233010157943 & platformname = e HTTP/1.1Content-Length: 13Content-Type:

China's first image portal, Hummingbird, has a severe vulnerability Injection Point http://www.fengniao.com/active/20091123_interview/list.php? Type = 1 Run SQL map directly root@IOT:~# sqlmap -u

Xin Yi Network (Master of Flash machine) A system login site SQL injection a large number of databases Http://fx.mgyun.com/main/admin/login.aspx (POST) button1 = & TextBox1 = rrNqPVs & TextBox2 = 1 & __ EVENTARGUMENT = & __ EVENTTARGET = & __