Cloud Security

Apple QuickTime Remote Memory Corruption Vulnerability (CVE-2015-3665)Apple QuickTime Remote Memory Corruption Vulnerability (CVE-2015-3665) Release date:Updated on:Affected Systems: Apple Quicktime Description: Bugtraq id: 75498CVE (CAN) ID:

Multiple WebKit Security VulnerabilitiesMultiple WebKit Security Vulnerabilities Release date:Updated on:Affected Systems: Apple Safari Description: Bugtraq id: 75492CVE (CAN) ID: CVE-2015-3727, CVE-2015-3658, CVE-2015-3659WebKit is an

Oracle MySQL Server Remote Vulnerabilities (CVE-2015-2582)Oracle MySQL Server Remote Vulnerabilities (CVE-2015-2582) Release date:Updated on:Affected Systems: Oracle MySQL Server Oracle MySQL Server Description: Bugtraq id: 75751CVE (CAN) ID:

NTP Denial of Service Vulnerability (CVE-2015-5146)NTP Denial of Service Vulnerability (CVE-2015-5146) Release date:Updated on:Affected Systems: NTP Unaffected system: NTP 4.3.25NTP 4.3.25NTP 4.2.8p3-RC1NTP 4.2.8p3-RC1 Description: Bugtraq

Adobe Flash Player and AIR Multiple Remote Denial of Service Vulnerabilities (APSB15-16)Adobe Flash Player and AIR Multiple Remote Denial of Service Vulnerabilities (APSB15-16) Release date:Updated on:Affected Systems: Adobe Flash Player Adobe Flash

Create tips secret-PHP callback Backdoor Recently, many people have shared a word about dog shield, but it is nothing more than constructing some dynamic functions using various methods, for example, $ _ GET ['func'] ($ _ REQUEST ['pass. Although

The moji.com app is unauthorized to add the user's shipping address. Preparation: Create two accounts A and BAccess moji mall through moji weather mobile client1. Add the shipping addressThere is a userid in the request data for adding the

Multiple phone calls a system SQL Injection Vulnerability POST/managerlogin. jsp HTTP/1.1Host: sms.iddsms.comContent-Length: 49Cache-Control: max-age = 0Accept: text/html, application/xhtml + xml, application/xml; q = 0.9, image/webp, */*; q =

Any user information can be queried if Guohua life insurance is improperly designed (with script) Improper design, allows you to query any user information The problem lies in China Life's password retrieval:

Weak password + unauthorized access + svn source code leakage in a business system of China Unicom Www.10655123.com is China Unicom, so I tried it and registered it on my mobile phone.Just after registration, I got a text message. Emma scared me to

Dahan network kills all systems and versions on 0day Management Background Permission Bypass, easy GetShell after entering the background,Experience proves to kill all systems and versions, including jcms, jact, jsearch, vipchat, vc, and xxgk.I

P2P financial security means a real financial vulnerability can leak a large amount of user information (bank card number/phone number/ID Card Photo/balance query, etc)   All the information is available now. Is the withdrawal still a problem?This

There is no verification code at Kingsoft write logon, which can be cracked. Simply write a document Url: http://w.wps.cn/  There is no verification code on the login page, and there is a risk of brute-force crackingBurp brute-force cracking POST

Happy shopping a website SQL injection involves a large number of databases How can this station be larger than the data volume of the main station when it is compared with the main station !!! Check the parameters of post. Only one parameter is

Arbitrary File Reading on a Chinese mobile website   http://data.10086.cn/pc/active/activity.do?jsp=../../../../WEB-INF/web.xml? The parameter can be read from any file. Poc: Proof of document informationThis XML file does not appear to have any

A database hit by an interface in Suning affects user account Security (bypassing restriction skills) An interface of Suning may affect User Account Security The main site logon interface can be cracked Host:

Reset Password for any user on the corn net domain name Professional Service Platform As a world-leading professional domain name service platform, corn Network is committed to providing domain name auction, domain name reservation, domain name

Improper configuration of the global design Network Substation server (resulting in leakage of sensitive information) Following the steps of our predecessors, my main station is the sub-station WooYun: the configuration of the global design network

MetInfo5.3 latest SQL Injection Vulnerability MetInfo5.3 latest SQL Injection Search. php: $module=intval($module); if($class1)$module=0; if(intval($module)){ $serch_sql.=" where lang='$lang' and (recycle='0' or recycle='-1') and

Leakage of sensitive information due to improper configuration of the primary cinema server Http://m.funguide.com.cn/ Openssl. py m.funguide.com.cnDirectly run the script: #!/usr/bin/python# Quick and dirty demonstration of CVE-2014-0160 by Jared