Missing Authorization

Overview Affected versions of this package are vulnerable to Missing Authorization in the /api/internal/stationid/liquidsoap/action endpoint due to missing internal connection requirements and improper validation of the X-Liquidsoap-Api-Key header. An attacker can inject arbitrary metadata, disru...

Apache/NGINX 下 PHP-FPM 或者 PHP-CGI 拒绝服务漏洞

使用标准cable/DSL连接，这种攻击可以使用标准的HTTP请求占满一台Linux web服务器的CPU和内存。这种攻击影响使用PHP-CGI或PHP-FPM（包含WordPress站点在内）解析PHP动态内容的Apache或者NGINX web服务器。另外，这种攻击制造的请求将会在攻击后的较长时间内继续占用服务器资源。 0 全版本 暂无 ?php !/usr/bin/php / File: phpstress.php Written by: d4rk0 / @d4rk0s Concept by: Vinny Troia / @VinnyTroia Night Lion Securit...