Use CouchDB to unauthorized access vulnerability to execute arbitrary system commands-bug warning-the black bar safety net

5 on 1 6, Ali cloud shield defense against the team from external sources informed that the CouchDB database exists for unauthorized access vulnerabilities in the configuration is incorrect. After the test, the cloud shield team was the first to discover the use of the unauthorized access...

GlassFish arbitrary file read vulnerability tracking report-bug warning-the black bar safety net

GlassFish is a tool for building Java EE applications service components. 2 0 1 5 years 1 0 months to be broke General purpose arbitrary file read vulnerability. Using this vulnerability, an attacker can read the server arbitrary file. Was informed of the vulnerability, cloud shield security team...

Seemingly tasteless ESPCMS background injected, can actually be a lot of fun-vulnerability warning-the black bar safety net

Yesterday, the black bar safety net loophole platform exposes a ESPCMS of injection vulnerabilities, Ali cloud computing security attack and defense against a team of friends first time on the vulnerability to do an impact assessment. Did not think need to login to the backend before it can be...