Schneider Electric PowerChute Serial Shutdown 路径遍历漏洞

Schneider Electric PowerChute Serial Shutdown is a UPS management, normal shutdown and energy management software from Schneider Electric, France. A path traversal vulnerability exists in Schneider Electric PowerChute Serial Shutdown, which can be exploited by an attacker to cause a web...

Schneider Electric PowerChute Serial Shutdown 安全漏洞

Schneider Electric PowerChute Serial Shutdown is a UPS management, normal shutdown, and energy management software from Schneider Electric France. A security vulnerability exists in Schneider Electric PowerChute Serial Shutdown that stems from an improperly restricted pathname, which could allow ...

SQL Injection in Custom Fields

Description SQL injection when updating custom fields in the admin panel. Malicious web admins can use POST /app/admin/custom-fields/edit-result.php with parameters fieldType=set&fieldSize='1' CHARACTER SET utf8; SELECT sleep3; to execute the inserted SQL command SELECT sleep3; and thus result th...

Irongeek's Shared hosting MD5 Change Detection Script

Irongeek's Shared hosting MD5 Change Detection Script Adrian Crenshaw aka Irongeek just release another great tool for web admins that will monitor the files on a website, and report any changed via email. Actually "irongeek.com" was hacked few days back which is hosted on a shared hosting. There...

Web Admins Targeted in Phishing Attack

Scam e-mail artists have launched a massive campaign to trick webmasters into giving up the credentials needed to administer their Web sites, targeting site owners at more than 90 online hosting providers. Read the full article. Washington Post...