V5shop旗下V5Mall多用户商城存在SQL注入漏洞

简要描述： @V5shop 这次应该不会出差去了吧！ 详细说明： 测试的漏洞站点：http://tdemo002mp.v5portal.com/ 漏洞页面：http://tdemo002mp.v5portal.com/member/groupbuy.ashx?id=1 简单的加个’ 上sqlmap跑下 漏洞证明： available databases 196: 021web.com.cn baby1v5shopcomcn batteryface.com book1v5shopcomcn Books boon365.v5shop.com.cn chinee.cn...

[NOSQLMap] NoSQLMap-Automated NoSQL Database pwnage

What is NoSQLMap? NoSQLMap is an open source Python tool designed to audit for as well as automate injection attacks and exploit default configuration weaknesses in NoSQL databases, as well as web applications using NoSQL in order to disclose data from the database. It is named as a tribute to...

ZippyYum 3.4 Insecure Data Storage

Title: CVE-2013-6986 Insecure Data Storage in Subway Ordering for California ZippyYum 3.4 iOS mobile application Published: DATE Reported to Vendor: May 2013 CVE Reference: CVE-2013-6986 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6986 CVSS v2 Base Score: 4.9 CVSS v2 Vector...

nMap Vulnerability Scanner: Vulscan

Vulscan is a module which enhances nmap to a vulnerability scanner. The nmap option -sV enables version detection per service which is used to determine potential flaws according to the identified product. The data is looked up in an offline version scip VulDB. Version 2.0 of Nmap NSE Vulscan is...

Penetration Testing Browser Bundle: PenQ

PenQ is an open source, Linux-based penetration testing browser bundle we built over Mozilla Firefox. It comes pre-configured with security tools for spidering, advanced web searching, fingerprinting, anonymous browsing, web server scanning, fuzzing, report generating and more. Penetration Testin...

[Vulscan] Module which enhances nmap to a vulnerability scanner

Vulscan is a module which enhances nmap to a vulnerability scanner. The nmap option -sV enables version detection per service which is used to determine potential flaws according to the identified product. The data is looked up in an offline version scip VulDB. Installation Please install the fil...

Pirate Bay co-founder 'Anakata' suspected of hacking Danish police databases

The Pirate Bay co-founder Gottfrid Svartholm Warg a.k.a 'Anakata' is suspected of being involved in one of Denmark's biggest hack attacks. Gottfrid was arrested in Cambodia in September 2012 and has been extradited from Cambodia to Sweden last year, charged with hacking the IBM mainframe of Logic...

[PenQ] The Security Testing Browser Bundle

PenQ is an open source Linux based penetration testing browser bundle we built over Mozilla Firefox. It comes pre-configured with security tools for spidering, advanced web searching, fingerprinting, anonymous browsing, web server scanning, fuzzing, report generating and more. PenQ is configured ...

Amazon Joins Authentication Game

As attackers continue to target large databases of passwords and users grow wearier by the day of creating new accounts and login credentials on each site they visit, the larger Web players are positioning themselves as not just social networking or retail hubs, but also as authentication...

Patch 3 Release Notes for Veeam Backup & Replication 6.5

More Recent Version Available Please find the latest version of Veeam Backup & Replication here: Veeam Downloads - Latest Version Challenge These are the issues resolved by the Patch 3 for Veeam Backup version 6.5.0.106 / 6.5.0.109 / 6.5.0.128. This patch is cumulative and contains fixes from Pat...

Hackers Compromise The War Z Forum, Game Databases

Hackers compromised the forum and game database of the massively multiplayer online game, The War Z, forcing the game’s producer OP Productions to temporarily take the game and its forum offline. In a security alert issued yesterday, OP Productions informed The War Z players of the breach and...

Directory traversal

Directory traversal vulnerability in Google Chrome before 25.0.1364.152 allows remote attackers to have an unspecified impact via vectors related to databases...

Unofficial Pakistan Intelligence website hacked

While the rest of the world engaged in cyber security conferences and Anonymous operations, an Indian patriotic hacker used the time to attack Unofficial Pakistan Intelligence agency ISI. Hacker going by name "Godzilla" today claimed to hack into one of the server belongs to ISI website...

CVE-2013-0911

Directory traversal vulnerability in Google Chrome before 25.0.1364.152 allows remote attackers to have an unspecified impact via vectors related to databases...

CVE-2013-0911

CVE-2013-0911 affects Google Chrome versions prior to 25.0.1364.152, with a path traversal issue in database handling. Affected: Chrome on multiple platforms. Impact is described as a path traversal vulnerability in database handling; explicit exploit details are not provided in the supplied docu...

CVE-2013-0911

Removed by vendor...

CVE-2013-0880

Use-after-free vulnerability in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to databases...

CVE-2013-0880

Use-after-free vulnerability in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to databases...

CVE-2013-0880

Use-after-free vulnerability in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to databases...

CVE-2013-0880

CVE-2013-0880 affects Google Chrome on Windows, Linux, and macOS with a use-after-free in database handling that can lead to remote DoS or other unspecified impact. The initial description lists affected versions as Chrome before 25.0.1364.97/99 (Mac), 25.0.1364.97 (Windows/Linux). Connected docu...