PT-2019-6425 · Ruijie · Ruijie Eg-2000Se

Name of the Vulnerable Software and Affected Versions: Ruijie EG-2000SE versions 11.9 B11P1 Description: The issue is related to the newcli.php API interface in the Ruijie EG-2000SE gateway, which lacks access control. This allows an attacker with web interface access to use TELNET commands and...

See how do I find the value of 3 thousand 6 thousand USD Google RCE vulnerability-vulnerability warning-the black bar safety net

! This article tells the story of the Uruguayan public University, 18-year-old student Ezequiel Pereira found Google highest level RCE vulnerability-related process. In the beginning of the year, Ezequiel found Google Google App Engine GAEis a non-production environment of a vulnerability, exploi...

Selenium Server 未授权访问漏洞

1.开篇 不知道大家在平日工作中有没有遇到过一些端口，使用浏览器打开是下面这样子的： 上图中我找了几个在不同端口下的例子。 2.Selenium-开源的自动化测试利器 本篇主要的主角-Selenium究竟是什么呢？有过QA经验或安全自动化测试经验的朋友应该知道，以下文字来自百度百科：Selenium1 是一个用于Web应用程序测试的工具。Selenium测试直接运行在浏览器中，就像真正的用户在操作一样。支持的浏览器包括IE（7, 8, 9, 10, 11），Mozilla Firefox，Safari，Google Chrome，Opera等。支持自动录制动作和自动生成...

CVE-2017-7411

An issue was discovered in Enalean Tuleap 9.6 and prior versions. The vulnerability exists because the User::getRecentElements method is using the unserialize function with a preference value that can be arbitrarily manipulated by malicious users through the REST API interface, and this can be...

Verizon mailbox now wonderful vulnerability, personal mail can be forwarded to any mailbox-vulnerability warning-the black bar safety net

Verizon is America's Big Three telecommunications giants. A recent Verizon security personnel found the Verizon mailbox system there is a high risk vulnerability can lead to a Verizon mailbox user's mail is any forwarding to other mailbox accounts. Below this screenshot is a Verizon mailbox of a...

Palo Alto Networks PAN-OS 7.0.7 Multiple Vulnerabilities

The version of Palo Alto Networks PAN-OS running on the remote host is 7.0.7. It is, therefore, affected by multiple vulnerabilities : - A flaw exists in the passive firewall where a VM-series ESXi configuration processes and forwards traffic. No other details are available. - An unspecified...

Use CouchDB to unauthorized access vulnerability to execute arbitrary system commands-bug warning-the black bar safety net

5 on 1 6, Ali cloud shield defense against the team from external sources informed that the CouchDB database exists for unauthorized access vulnerabilities in the configuration is incorrect. After the test, the cloud shield team was the first to discover the use of the unauthorized access...

vBulletin 5.x / 4.x Persistent Cross Site Scripting

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2014-2021 - vBulletin 5.x/4.x - persistent XSS in AdminCP/ApiLog via xmlrpc API post-auth ============================================================================ ==================== Overview - -------- date : 10/12/2014 cvss : 4.6...

mikrotik-routeros-brute NSE Script

Performs brute force password auditing against Mikrotik RouterOS devices with the API RouterOS interface enabled. Additional information: Script Arguments mikrotik-routeros-brute.threads sets the number of threads. Default: 1 brute.credfile, brute.delay, brute.emptypass, brute.firstonly,...

iphone/ipod discover the File Manager web service directory traversal vulnerability-vulnerability warning-the black bar safety net

from:Xeye Team discover is an iphone/ipod touch platform on the popular file Manager, can read pdf/office/txt format files And via wifi to share these files, a detailed description look at this: http://itunes.apple.com/us/app/discover/id292416855?mt=8 Vulnerability analysis When the wifi...