Cloud Security

Roundcube webmail Cross-Site Scripting Vulnerability (CVE-2015-8105)Roundcube webmail Cross-Site Scripting Vulnerability (CVE-2015-8105) Release date:Updated on:Affected Systems: RoundCube Webmail RoundCube Webmail 1.1.x-1.1.3 Description: CVE

Shell scripts monitor MySQL services and shell scripts monitor mysqlThe main content of this article describes how to monitor whether the MySQL service is normal by using shell scripts. For more information, see The general idea is to check whether

Cisco IOS Software RADIUS client Denial of Service Vulnerability (CVE-2015-6263)Cisco IOS Software RADIUS client Denial of Service Vulnerability (CVE-2015-6263) Release date:Updated on:Affected Systems: Cisco IOS 15.4 (3) M2.2 Description: CVE

Analysis of Camera App privacy data leakage0x00 PrefaceMany popular Android applications have leaked private data. We found another popular Google Play app, "Camera Ultimate", not only optimized users' photos, but also inadvertently

Siemens sicam mic Authentication Bypass Vulnerability (CVE-2015-5386)Siemens sicam mic Authentication Bypass Vulnerability (CVE-2015-5386) Release date:Updated on:Affected Systems: Siemens sicam mic Description: Bugtraq id: 75904CVE (CAN) ID:

IBM InfoSphere DataStage Arbitrary Code Execution Vulnerability (CVE-2015-1900)IBM InfoSphere DataStage Arbitrary Code Execution Vulnerability (CVE-2015-1900) Release date:Updated on:Affected Systems: IBM InfoSphere DataStage 9.1IBM InfoSphere

Wireshark Android Logcat File parser Remote Denial of Service VulnerabilityWireshark Android Logcat File parser Remote Denial of Service Vulnerability Release date:Updated on:Affected Systems: Wireshark 1.12.0-1.12.4 Description: Bugtraq id: 74

Multiple security vulnerabilities in Apple Mac OS X/iOSMultiple security vulnerabilities in Apple Mac OS X/iOS Release date:Updated on:Affected Systems: Apple Mac OS X Apple iOS Description: Bugtraq id: 73984CVE (CAN) ID: CVE-2015-1089, CVE-2015-10

HP Operations Manager Remote Code Execution Vulnerability in CVE-2014-2649) Release date: 2014-10-08Updated on: Affected Systems:HP Operations ManagerDescription:Bugtraq id: 70353CVE (CAN) ID: CVE-2014-2649 HP Operations Orchestration is an

Multiple Cross-Site Scripting Vulnerabilities (CVE-2014-2511) for EMC Documentum Products) Release date:Updated on: Affected Systems:EMC Documentum Content Server 7.xEMC Documentum Content Server 6.xDescription:-------------------------------------

PrestaShop Mpay24 Payment Module information leakage and SQL Injection Vulnerability Released on: 2014-09-03Updated on: 2014-09-04 Affected Systems:Mpay24 Mpay24 1.5Description:-------------------------------------------------------------------------

Adobe Flash Player and AIR Security Restriction Bypass Vulnerability (CVE-2014-0535) Release date:Updated on: Affected Systems:Adobe Flash Player 13.xAdobe AIR 13.xDescription:--------------------------------------------------------------------------

How to Implement SSL perfect forward secrecy Technology in NGINX website servers? This article describes how to implement the Perfect Forward Secrecy (Perfect Forward Secrecy) and NGINX website server On Debian and Ubuntu systems. For other

Six major security risks of Apple iOS devices  1. iOS monitoring and remote access Trojan Some Apple jailbreak tools can remove all built-in security mechanisms in iOS, and install monitoring software and remote access Trojans to facilitate

Microsoft: In the face of brute-force cracking, increasing password complexity is useless. We all hate passwords, but unfortunately, in the present and the future we can see, the main method for online authentication such as account logon still

Analysis on the efficient cracking principle of WordPress using XMLRPC Xmlrpc is an interface for remote calls in WordPress, and it was proposed and exploited a long time ago to use xmlrpc to call the interface for account brute-force cracking.

Wordpress4.2.3 privilege escalation and SQL Injection Vulnerability (CVE-2015-5623) AnalysisThis is a vulnerability that you have been paying attention to over the past few days. wordpress released version 4.2.4 last week, which mentioned fixing

Weaver's cloud Office Platform's arbitrary Password Reset Vulnerability (Official Account as an example) Https://passport.eteams.cn/password   Reset the password.Change username to any email address to reset it.Take the official website account

SQL Injection for a Baidu business (leakage of Administrator account and password) Http: // 42.62.39.206/wap/fl2 /? Mo = 1 & sortid = 12 & cm = M3140060 & site = 0 Sortid Parameters available databases [4]:[*] baikan[*] information_schema[*] mysql[*]

Youyou mailgard webmail mail system SQL injection and command execution (login required) Show_mail.php: Require_once ('.. /global. php '); // GET the parameter information $ t_get_sd = urldecode ($ _ GET ['sd']); $ _ GET ['sd'] = strlen ($ _ GET