Lucene search
K
Myhack58Most viewed

7620 matches found

myhack58
myhack58
added 2007/11/13 12:0 a.m.80 views

Oracle password file with the role and description-vulnerability warning-the black bar safety net

In the database is not started before login to start the database if no password file, the database does not start before it is only through theoperating systemauthentication. Using Rman, a lot of times need in nomount,mount and other state of the database for processing. It usually requires sysd...

6.9AI score
Exploits0
myhack58
myhack58
added 2006/06/19 12:0 a.m.80 views

Port·Trojan·security·scanning applications knowledge-vulnerability warning-the black bar safety net

See this topic you maybe a little strange, how can put this a few words put together, actually talking about ports and Trojans are commonplace, but even that is often talked about there are a lot of people a computer is a“shock wave”rushing through after the turn is“shock wave”severely earthquake...

7.1AI score
Exploits0
myhack58
myhack58
added 2017/07/14 12:0 a.m.79 views

CVE-2017-0283: Windows Uniscribe remote code execution vulnerability analysis-vulnerability warning-the black bar safety net

The last“patch Tuesday”to fix the one named“USP10! MergeLigRecords in Windows Uniscrible font processing heap broken ring”RCE vulnerability. Many days after the Google Project Zero team of Mateusz Jurczyk released a PoC of the report. In the Windows of the library at the same time the presence of...

7.7AI score0.39019EPSS
Exploits2
myhack58
myhack58
added 2017/06/14 12:0 a.m.79 views

Automated mining Windows kernel information disclosure vulnerability-vulnerability warning-the black bar safety net

2017 6 on patch day, to fix up before we report 5-a kernel information leak vulnerability , the end of the article have details. The year before I demonstrate how to use JS to fuzz the kernel, today we want to bring to you is not dependent on the fuzz, and to automate the mining kernel...

5.6AI score0.03713EPSS
Exploits4
myhack58
myhack58
added 2017/02/07 12:0 a.m.79 views

Exploit the vulnerability to unlock the hammer T1/2 phone in bootloader-vulnerability warning-the black bar safety net

Author: Pangu lab About the bootloader lock Smartisan is a mobile phone is one of the few attracted to industrial design and user experience. Luo cross-border too much, but also inevitably lead to its initial idea and the reality gap. the bootloader really locked or not locked, or even had been a...

0.3AI score
Exploits0
myhack58
myhack58
added 2017/01/11 12:0 a.m.79 views

From MS16-098 see a Windows 8.1 kernel exploit-vulnerability warning-the black bar safety net

When I first started contact core vulnerability when I don't have any about the kernel of the experience, not to mention to take advantage of a kernel vulnerability, but I'm always for reverse engineering and exploit techniques are very interested. Initially, my idea was simple: find one not...

0.2AI score
Exploits0
myhack58
myhack58
added 2014/05/07 12:0 a.m.79 views

WordPress cookie forgery vulnerability detailed analysis and exp-vulnerability warning-the black bar safety net

0×0 0 Preface This article The analysis is in wordpress3. 8. 2 update fixes the cookie falsification Vulnerability, CVE-2 0 1 4 - 0 1 6 6, and is given corresponding to exp. According to the description in WordPress before 3.7.2 and 3.8. x before 3.8.2 are affected, A local installation of...

0.3AI score
Exploits0
myhack58
myhack58
added 2012/07/08 12:0 a.m.79 views

Struts2 remote command execution vulnerability analysis and prevention-vulnerability and early warning-the black bar safety net

Struts 2 is the struts and WebWork technology based on a merge of the new framework. Its brand new Struts 2 architecture and Struts 1 architecture the difference is huge. Struts 2 with WebWork as the core, using the interceptor mechanism to deal with user's request, such design also makes the...

0.7AI score
Exploits0
myhack58
myhack58
added 2010/05/05 12:0 a.m.79 views

Kingdee K3 emergence of serious security vulnerabilities, a hacker can easily read the database all the information-vulnerability warning-the black bar safety net

From the pixel buns Estimated other ERP Software also a lot of similar things, interested students can talk to about it. Reproduced start. This flaw in the K3 of each version are present and the same, including the new version of the K3 V12. 3 version. Major data security vulnerability is describ...

8.4AI score
Exploits0
myhack58
myhack58
added 2010/01/08 12:0 a.m.79 views

Simple html injection leads to Gmail 0day-vulnerability warning-the black bar safety net

/Very good article Oh/ A Google. com service certification analysis xssand authentication are inseparable, the authentication way may decide toxssthe use of the way, the last analysis feel too sloppy, even proven wrong, this time to a detailed analysis under the gmail landing way, for the future ...

0.1AI score
Exploits0
myhack58
myhack58
added 2005/12/18 12:0 a.m.79 views

Remember the Alma Mater of a non-marginalia attack-vulnerability warning-the black bar safety net

Editor's note: a very old article, The author has also not been released, I steal it out for everyone to draw on the following ideas. A. Causes. School of the FAI says he sent the on-campus DV reviews old deleted, so they want to test the forum security, then on the use side note got the...

7.5AI score
Exploits0
myhack58
myhack58
added 2019/01/25 12:0 a.m.78 views

Apache Spark RPC Protocol deserialization vulnerability analysis-vulnerability warning-the black bar safety net

Front a burst of Spark official release of the title for the CVE-2018-17190: Unsecured Apache Spark standalone executes user code of the security Bulletin. The announcement indicated the vulnerability affects version to full version, and does not indicate a repaired version, only the relevant...

7.5CVSS0.8AI score0.08721EPSS
Exploits0
myhack58
myhack58
added 2018/05/30 12:0 a.m.78 views

Pwn2Own Huawei HiApp vulnerability principle and the use of analysis on-vulnerability warning-the black bar safety net

0×01 description ps:this article from the attacker's perspective to analyze how to find the Pwn2Own Huawei mobile phone vulnerabilities, but does not represent the vulnerabilities discoverer of the idea is the same, for informational purposes only. This series vulnerability analysis as it involve...

1.1AI score
Exploits0
myhack58
myhack58
added 2017/08/01 12:0 a.m.78 views

The VMware virtual machine escape patch analysis-vulnerability warning-the black bar safety net

One, Foreword A virtual machine refers to the installation in the normal host machineOSwithin a fully isolated clientoperating system. Virtual machine escape refers to the breakthrough of the virtual machine limit, with the host machineOSthe interaction of a process, an attacker can through a...

7.2CVSS0.8AI score0.00542EPSS
Exploits0
myhack58
myhack58
added 2017/06/14 12:0 a.m.78 views

The butterfly effect and the program error---a slag-hole the use-vulnerability warning-the black bar safety net

Description A South American Amazon Basin rainforest butterfly, occasionally flapping a few wings, maybe in Texas cause a tornado? This I'm not sure I can determine is the program of any one of the minor errors after amplification are possible for the program to produce disastrous consequences...

9.3CVSS0.1AI score0.4811EPSS
Exploits3
myhack58
myhack58
added 2017/05/08 12:0 a.m.78 views

Intel AMT features to remotely provide the right high-risk vulnerability analysis-vulnerability warning-the black bar safety net

Earlier this week, Intel released a high-risk mention the right vulnerability, the impact of the range including the past 7 years Intel Server chip remote management capabilities. A remote attacker can exploit the vulnerability control there PC's, laptops and servers. This vulnerability number...

0.3AI score0.92189EPSS
Exploits7
myhack58
myhack58
added 2017/04/19 12:0 a.m.78 views

Bosch automotive Drivelog Connector dongle remote vulnerability analysis-vulnerability warning-the black bar safety net

In this article, we will be on the Argus research team at Bosch Drivelog Connect BOD-II adapter in the discovery of the vulnerability is discussed in detail. Note that this vulnerability would allow an attacker to by Drivelog platform to stop a running car engine. According to the Argus of the...

0.3AI score
Exploits0
myhack58
myhack58
added 2017/02/28 12:0 a.m.78 views

YouTube encrypted video there are multiple universal password can bypass the limit(wonderful vulnerability)-vulnerability warning-the black bar safety net

YouTube encrypted Video, a plurality of universal password Detailed description: As long as the Password box, enter the two English double quotation marks. For example: "" press the OK button to play all the encrypted videos. Management added: "" \ %% or a=a And other characters can bypass video...

7.2AI score
Exploits0
myhack58
myhack58
added 2016/09/09 12:0 a.m.78 views

About love fast iKuai routing product vulnerability briefings-vulnerability warning-the black bar safety net

Recently, the national information security vulnerabilities library CNNVD received Beijing long-kiosk Science & Technology Co., Ltd. about enterprise-level stream routing product“iKuai IK-G20SQL injection vulnerability”, the“iKuai noobSQL injectionvulnerability”and“iKuai white command injection...

0.9AI score
Exploits0
myhack58
myhack58
added 2009/06/08 12:0 a.m.78 views

MS09-0 0 1 SMB Dos Poc Exploit-vulnerability warning-the black bar safety net

Today with python to write a SMB dos poc, test vista sp1, A packet in the past immediately a blue screen, but XP SP2 not work, because XP SP2 the following default does not allow null sessions to access the lsarpc,samr, etc. named pipes. MS09-0 0 1 SMB Dos Vulnerabilities Poc Exploit Author :...

0.6AI score
Exploits0
myhack58
myhack58
added 2019/04/11 12:0 a.m.77 views

. NET advanced code audit of the seven classes NetDataContractSerializer deserializing vulnerability-vulnerability warning-the black bar safety net

NetDataContractSerializer and DataContractSerializer for serialization and de-serialization in Windows Communication Foundation WCF message to send the data. Between the two there is an important difference: the NetDataContractSerializer includes CLR through the CLR type to add additional...

0.3AI score
Exploits0
myhack58
myhack58
added 2017/10/12 12:0 a.m.77 views

Important vulnerabilities early warning: the Windows DNS client in the broke multiple heap buffer overflow flaws vulnerabilities in bug-bug warning-the black bar safety net

Microsoft has in the 2017 year 10 months official fix for the vulnerability CVE-2017-11779, the vulnerability includes the Windows DNS client in the plurality of memory corruption vulnerabilities, running Windows 8/Server 2012 and an updated version ofOSthe computer will be affected by this...

9.6AI score0.33104EPSS
Exploits1
myhack58
myhack58
added 2016/08/16 12:0 a.m.77 views

Samsung smart surveillance camera is explosion proof remote code execution vulnerability with POC-the exploit-warning-the black bar safety net

Vulnerability overview EDB-ID:4 0 2 3 5 Vulnerability found by: PentestPartners CVE: no Release Date: 2 0 1 6 years 0 8 month 1 4 day Vulnerability type: remote vulnerability Affected platforms: the system hardware Affected App: no Exploit POC: click to download Foreword Currently, the vast...

8.4AI score
Exploits0
myhack58
myhack58
added 2016/01/29 12:0 a.m.77 views

Ruby on Rails remote code execution vulnerability analysis (CVE-2 0 1 6-0 7 5 2)-vulnerability warning-the black bar safety net

If your application uses a dynamic rendering path, such as render params:id, and then unfortunately, the application currently by the presence of local file inclusion and lead to remote code execution vulnerabilities, please quickly move your Rails to update to the latest version, or for your...

4.3CVSS0.53703EPSS
Exploits2
myhack58
myhack58
added 2014/06/07 12:0 a.m.77 views

Fortify SCA analysis code vulnerabilities the whole solution-vulnerability warning-the black bar safety net

The last describes the use of FindBugs-assisted analysis of code vulnerability, this time a tools: Fortify SCA Demo 4.0.0。 Fortify is a security aspect of the quite famous company, there is not much to say. First introduce the protagonist: the Fortify SCA Demo 4.0.0, although do not know now...

0.5AI score
Exploits0
myhack58
myhack58
added 2012/06/21 12:0 a.m.77 views

SHOPEX 4.8.5 SQLINJECTION injection as well as background get SHELL-vulnerability warning-the black bar safety net

Vulnerability is the core function \core\modelv5\trading\mdl.goods.php since zend decryption out of the specific line number is not posted 0 1 function getproducts $gid, $pid = 0 //injection injection injection injection injection injection injection injection injection injection injection...

8.7AI score
Exploits0
myhack58
myhack58
added 2011/03/22 12:0 a.m.77 views

CMS Lokomedia 1.5 arbitrary file upload vulnerability-vulnerability warning-the black bar safety net

CMS Lokomedia is a php-based content management system. CMS Lokomedia 1.5 arbitrary file upload vulnerability that could result in an attacker access to the web shell. +info: CMS Lokomedia 1.5 Arbitary file upload vulnerability Software: CMS Lokomedia Vendor: http://bukulokomedia.com/home Vuln...

0.4AI score
Exploits0
myhack58
myhack58
added 2010/02/23 12:0 a.m.77 views

To bypass the <? PHP exit('Access Denied'); ?> Limit-vulnerability warning-the black bar safety net

To bypass ? PHP exit’Access Denied’; ?& gt; limit ? php $shellcode=’PD9waHBpbmZvKCk7Pz4’;// base64decode ? phpinfo;?& gt; $endstr=’s’; $timestamp=$endstr.$ shellcode; fileputcontents"php://filter/write=convert.base64-decode/resource=ryat.php","? PHP exit’Access Denied’; ?& gt;\t$timestamp"; ?& gt...

1.1AI score
Exploits0
myhack58
myhack58
added 2010/01/20 12:0 a.m.77 views

wscript. the shell is disabled,execute the command-vulnerability warning-the black bar safety net

See close wscript. shell, upload the cmd. exe to the above to run no command. The runtime will tell the fault. If you want to run the command you can try this method, try the following: Put the following code to copy: object runat=server id=oScriptlhn scope=page...

Exploits0
myhack58
myhack58
added 2009/08/06 12:0 a.m.77 views

linux udev permissions vulnerability testing methods-vulnerability warning-the black bar safety net

Author: Liang increased sea Article source: http://s-logs.com/2009/04/linux-udev.html Copyright: can any reproduced, reprinted, please be sure to hyperlink marked article origin and author information and this statement Vulnerability relevant information may be in the following link to obtain:...

7.2CVSS7.7AI score0.81528EPSS
Exploits12
myhack58
myhack58
added 2007/05/22 12:0 a.m.77 views

Ray Chi-news publishing system(any version)exploit-vulnerability warning-the black bar safety net

Copyright to the vulnerability discoverer focn all, reproduced please keep the article intact, and indicate the source of! This article only do the study with, to any person for any illegal purpose himself does not bear any responsibility! Author: black radish System: ray Chi press release...

7.1AI score
Exploits0
myhack58
myhack58
added 2017/07/04 12:0 a.m.76 views

Wolf CMS both the old and new version of the file upload vulnerability analysis-vulnerability warning-the black bar safety net

A Wolfcms description Wolf CMS is a Content Management System CMS, is in the GNUGeneral Public License v3 released under the free software. Wolf CMS is made in PHP language, is Frog CMS a branch. In 2010, Packet Publishing open source projects, the award of“Most Promising Open Source...

7.6AI score
Exploits0
myhack58
myhack58
added 2017/04/06 12:0 a.m.76 views

Even the WiFi can also be black? iOS 10.3 to the presence of high-risk vulnerabilities, please everyone rushed to upgrade! - Vulnerability warning-the black bar safety net

iOS 10.3 update soon, Apple launched iOS 10.3.1, according to Apple provides the iOS version, the iOS 10.3 official version of the total repair more than one hundred security vulnerabilities, and to achieve a certain extent of safety improvement. And in the version released after less than a week...

1.2AI score0.00537EPSS
Exploits3
myhack58
myhack58
added 2016/01/17 12:0 a.m.76 views

Adobe Reader and Acrobat memory corruption vulnerability(CVE-2 0 1 6-0 9 4 6)-vulnerability warning-the black bar safety net

Affected system: Adobe Acrobat XI 〈= 11.0.13 Adobe Acrobat Reader DC = 15.009.20077 Adobe Acrobat DC 〈= 15.009.20077 Description: CVECAN ID: CVE-2 0 1 6-0 9 4 6 Adobe Reader is a PDF document reading software. Acrobat is a PDF editing software. Adobe Reader and Acrobat some version exists memory...

2AI score
Exploits0
myhack58
myhack58
added 2016/01/14 12:0 a.m.77 views

McAfee Application Control swin. sys kernel driver denial of service vulnerability, CVE-2 0 1 6-1 7 1 5-the vulnerability warning-the black bar safety net

Affected system: McAfee Application Control 6.2.0 McAfee Application Control 6.1.3 McAfee Application Control 6.1.2 McAfee Application Control 6.1.1 McAfee Application Control 6.1.0 Description: CVECAN ID: CVE-2 0 1 6-1 7 1 5 McAfee Application Control is a centrally managed whitelisting solution...

1AI score
Exploits0
myhack58
myhack58
added 2015/04/14 12:0 a.m.76 views

Samba CVE-2 0 1 5-0 2 4 0 remote code execution exploit practice-vulnerability warning-the black bar safety net

1 demo 2 background 2 0 1 5 year 2 Month 2 3 day, the Red Hat product security team released a Samba service end of the smbd vulnerability announcement 1, the vulnerability number isCVE-2 0 1 5-0 2 4 0, almost affect all versions. The vulnerability trigger is not needed by the Samba server accoun...

10CVSS8.3AI score0.87636EPSS
Exploits7
myhack58
myhack58
added 2014/03/03 12:0 a.m.76 views

The security po-warning Internet financial risks, website vulnerabilities or to“fatal point”-bug warning-the black bar safety net

ZDNET security channels 0 2 on 2 1-day comprehensive news: recently, Alipay was traced to the presence of security vulnerabilities, caused people to the Internet financial security concerns. With the rapid development of Internet, attract a lot of hackers“gather in”. Especially the recent hot...

0.9AI score
Exploits0
myhack58
myhack58
added 2011/01/28 12:0 a.m.76 views

phpwind multiple remote code execution vulnerabilities(phpwind sql injection vulnerability)-vulnerability warning-the black bar safety net

| The impact of the system phpwind 7 phpwind 8 Detailed description phpwind 7 and 8 version there is an input validationvulnerability, an attacker successfully exploited thevulnerabilityto remotely execute arbitrary php code. The problem exists in pwajax. php, because the user submitted to the...

0.6AI score
Exploits0
myhack58
myhack58
added 2010/11/23 12:0 a.m.76 views

Tomcat remote denial of service vulnerability analysis(CVE-2 0 1 0-2 2 2 7)-vulnerability warning-the black bar safety net

The present article is an analysis of the POC process, the pressure of the N months, and now before the issue. Using the analysis of POC, Tomcat in addition to the latest versionsee the specific website, and JBOSS in addition to the latest version, can fight, POC see the article. JBOSS official h...

6.4CVSS5.5AI score0.54779EPSS
Exploits2
myhack58
myhack58
added 2006/08/04 12:0 a.m.76 views

Setuid() - nproc limit the type of vulnerability of in-depth analysis-vulnerability warning-the black bar safety net

Setuid - nproc limit the type of vulnerability of in-depth analysis PST --------- Subject : Setuid - nproc limit the type of vulnerability of in-depth analysis --------- Author : [email protected] --------- Copyright : www.ph4nt0m.org www.secwiki.com --------- Date : 07/20/2006 ---------...

7.2CVSS6.5AI score0.00565EPSS
Exploits1
myhack58
myhack58
added 2018/04/24 12:0 a.m.75 views

Router vulnerability reproduce the analysis of the second bomb: CNVD-2018-01084-vulnerability warning-the black bar safety net

Vulnerability information: D-Link DIR 615/645/815 router 1. 03 and previous firmware version is the presence of a remote command execution vulnerability. The vulnerability is due to service. the cgi in the splicing of the HTTP POST request data, causing background commands splicing, leading to...

1.6AI score
Exploits0
myhack58
myhack58
added 2017/09/25 12:0 a.m.75 views

About Redis unauthorized access flaws vulnerability bug want to do research use-vulnerability warning-the black bar safety net

redis is a high-performance in-memory database, but also support the memory data retained on the hard disk, to achieve persistent storage. Because redis does not force the visited authentication, incur not authorized to visit the hot spots of vulnerability bug-prone, the intruders take this...

0.5AI score
Exploits0
myhack58
myhack58
added 2017/09/13 12:0 a.m.75 views

Bluetooth agreement revealed eight major security vulnerability bug, capable of affecting fifty-three billion Bluetooth the efficacy of the equipment-vulnerability warning-the black bar safety net

If you use a Bluetooth-enabled device, whether smartphone, laptop, or Smart TV, Smart Car, or other IoT devices, have to be careful. Recent researchers found the Bluetooth Protocol, 8 0-day vulnerabilities, of which 3 are classified as severity level. These vulnerabilities may affect the 53 milli...

8AI score0.2285EPSS
Exploits20
myhack58
myhack58
added 2017/08/21 12:0 a.m.75 views

In a remote sandbox, free to soar: Adobe Flash Windows user credentials disclosure vulnerability-vulnerability warning-the black bar safety net

One, Foreword Recently, I published about the Flash sandbox escape vulnerabilities of an article, The final result has survived ten years of the Flash Player local security sandbox died a natural death. Before this vulnerability to show us the input data to verify the correctness of importance. T...

5CVSS8.3AI score0.04478EPSS
Exploits1
myhack58
myhack58
added 2017/07/21 12:0 a.m.75 views

Security research team released 8 Apple iOS security vulnerability: hackers can easily attack-vulnerability warning-the black bar safety net

According to foreign media ZDNet reports, the Israeli mobile security company Zimperium recently released 8 Apple iOS system vulnerabilities, hackers can exploit these vulnerabilities to completely control the user's iOS device, so as to obtain the device's GPS data, photos, and contact...

9.3CVSS1.9AI score0.04666EPSS
Exploits1
myhack58
myhack58
added 2017/07/11 12:0 a.m.75 views

Burrowing posture: analysis of a command injection vulnerability-vulnerability warning-the black bar safety net

Command injection is a Common Vulnerability pattern. Once there is a command injection vulnerability, the attacker may be in the target system to execute arbitrary commands. Here, we have to mention another one called remote code execution RCE of vulnerability-many people always put these two...

1AI score
Exploits0
myhack58
myhack58
added 2017/07/02 12:0 a.m.75 views

Carries feelings of reminders: timely fix! (A smart door lock brace analysis sentiment)-vulnerability warning-the black bar safety net

Author: qimingxing e ADLab Bug/Vul/Patch No one can escape illness and death, which we all know is the laws of nature; similarly, no software can escape from a Bugdefect, the Vulvulnerability, Patchpatch, in fact it is also the laws of nature. Because software development is a complex activity, i...

7.4AI score
Exploits0
myhack58
myhack58
added 2017/03/25 12:0 a.m.75 views

Firefox an integer overflow leading to the mmap region is out of bounds write use-vulnerability warning-the black bar safety net

This article will explore a very interesting Vulnerability---CVE-2016-9066, a very simple but very interesting could lead to code execution Firefox vulnerability. The code in the presence of an integer overflow vulnerability, leading to loading of mmap area bounds. There is an advantage of this...

0.2AI score0.12416EPSS
Exploits3
myhack58
myhack58
added 2016/10/21 12:0 a.m.75 views

CVE-2 0 1 6-5 1 9 5 dirty cattle vulnerability: the Linux kernel through kill to mention the right vulnerability-vulnerability warning-the black bar safety net

! Vulnerability description Vulnerability ID: CVE-2 0 1 6-5 1 9 5 Vulnerability name: dirty cow(Dirty COW) Vulnerability to hazards: a low-rights user can use the vulnerability in the full version of the Linux system implemented on a local mention of the right to Impact scope: The Linux...

7.2AI score0.83524EPSS
Exploits81
myhack58
myhack58
added 2016/07/06 12:0 a.m.75 views

Docker security of those things-vulnerability warning-the black bar safety net

In the past year, the container being at an amazing speed of development, the country also has a large number of Internet companies in the production environment using Docker, which are also million units of the scale. The other day the clouds exposed Swarm configuration problem caused by the...

10CVSS8.5AI score0.64326EPSS
Exploits16
Total number of security vulnerabilities5000