Lucene search
K
Myhack58Most viewed

7620 matches found

myhack58
myhack58
added 2017/08/14 12:0 a.m.52 views

SSH command injection Vulnerability(CVE-2017-1000117)analysis-vulnerability warning-the black bar safety net

0x01 vulnerability overview A malicious person can through the ingenious structure“ssh://...”link, and let the victim in the implementation of the program, such as the case to access the malicious link, so as to achieve command execution purposes. The links can be placed in the git project...

0.3AI score0.77823EPSS
Exploits9
myhack58
myhack58
added 2017/05/04 12:0 a.m.52 views

PHPCMS V9. 6. 1 arbitrary file read vulnerability analysis-vulnerability warning-the black bar safety net

PHPCMS today 2017 5 month 3 days afternoon has released 9. 6. 2 Version fixes the vulnerability. PHPCMS V9. 6. 1 is a front time PHPCMS official to 4 on No. 12, the launch of the version that fixes the 4-month early publication of two high-risk vulnerabilities, a front Desk registration interface...

Exploits0
myhack58
myhack58
added 2017/04/14 12:0 a.m.52 views

TYPO3 CMS news management module SQL injection vulnerability analysis with exp-a vulnerability warning-the black bar safety net

Foreword By POST, to send orderByAllowed and orderBy, we will be able to control part of the SQL statement and get the injection vulnerabilities. The body The news module is TYPO3(Typo3 content management system the most commonly used one of the modules, and now will be subject toSQL...

0.4AI score
Exploits0
myhack58
myhack58
added 2017/02/25 12:0 a.m.52 views

bluecms v1. 6 Sql Injection analysis-vulnerability warning-the black bar safety net

Long time no code audit, take a simple look feel. bluecms is a comparison of the old portal cms, online also has a lot about its vulnerability has not been patched, so the following vulnerability is also not really up to date, just when practicing hand. SQL injectionanalysis First look at the dat...

Exploits0
myhack58
myhack58
added 2017/01/17 12:0 a.m.52 views

XSSI: a not famous but the impact of a wide range of Web vulnerabilities-vulnerability warning-the black bar safety net

Find a specific category of vulnerability two key components: vulnerability awareness and find the vulnerability of the difficulty. Cross-site scripting containsXSSIvulnerability in the fact of a common standard i.e.: OWASP TOP 10 and is not mentioned. In addition and there is no disclosure of th...

6.8AI score
Exploits0
myhack58
myhack58
added 2016/12/25 12:0 a.m.52 views

Popular applications AddThis presence postMessage XSS vulnerability million sites are affected-vulnerability warning-the black bar safety net

AddThis is a paragraph with more than one million users use the web pages Share button. In the earlier this year is found to existXSSvulnerabilities. In a previous article has described the postMessage API defects. And this article will describe how I identified and then use the AddThis Share...

7.1AI score
Exploits0
myhack58
myhack58
added 2016/12/06 12:0 a.m.52 views

Note, the cURL of the vulnerability nor less-vulnerability warning-the black bar safety net

! Security expert on cURL conducted an audit that found dozens of security vulnerabilities in the latest version has been fixed. cURL surely we are not unfamiliar, it is an open source command-line tool and library that supports a variety of protocols to transfer data. cURL is now the application...

8AI score0.04989EPSS
Exploits0
myhack58
myhack58
added 2016/09/29 12:0 a.m.52 views

Kerio Control firewall there are a number of serious vulnerabilities-vulnerability warning-the black bar safety net

! According to the foreign media to the latest reports, security research experts in the Kerio Control firewall found a series of serious security vulnerabilities. Due to these vulnerabilities exist, the external attacker will be able by tricking employees to click on to access a malicious link t...

0.3AI score
Exploits0
myhack58
myhack58
added 2016/07/11 12:0 a.m.52 views

Dropping Elephant hacker group using the old Windows vulnerability to implementation attacks-vulnerability warning-the black bar safety net

! As the old saying goes:don't judge people on. For the network of criminal organizations is the same,not only from its use of the vulnerability to determine a hacker organizations. According to foreign media reports,Kaspersky Lab's global research and analysis team has discovered a network of...

0.1AI score
Exploits0
myhack58
myhack58
added 2015/11/10 12:0 a.m.52 views

OpenSSLX509Certificate deserialization Vulnerability, CVE-2 0 1 5-3 8 2 5)cause analysis-vulnerability warning-the black bar safety net

Serialization Serialization, is the state of the object information can be converted to storage or transmission in the form of the process. During serialization, the object will be in its current state is written to a temporary or persistent storage area. The user can pass from the storage area t...

1AI score
Exploits0
myhack58
myhack58
added 2015/03/31 12:0 a.m.52 views

rundeck memory overflow-vulnerability warning-the black bar safety net

rundeck execution error message ! wKioL1PyveCSuoDGAAByx6J0zSo074.jpg See the rundeck log:/tmp/rundeck/stacktrace. log Caused by: org. codehaus. groovy. runtime. InvokerInvocationException: java. lang. OutOfMemoryError: PermGen space Memory overflow, because I have not modified rundeck MaxPermSize...

2.5AI score
Exploits0
myhack58
myhack58
added 2013/12/12 12:0 a.m.52 views

shopxp pinglun. asp file SQL injection vulnerability analysis-vulnerability warning-the black bar safety net

Vulnerability author: zpino Vulnerability exists in/admin/pinglun. asp file !-- include file="xp. asp" - htmlheadtitle%=webname%--user reviews/title meta http-equiv="Content-Type" content="text/html; charset=gb2312" link href="../imgshopxp/css. css" rel="stylesheet" type="text/css" /head body...

0.2AI score
Exploits0
myhack58
myhack58
added 2012/11/03 12:0 a.m.52 views

PJblog3 vulnerability Description and use-vulnerability and early warning-the black bar safety net

Really does not want to understand such vulnerability so long official why not repair now there is such a vulnerability to straighten the more terrible the registered members straight plug word The tool is to use VBS to write the code as follows: Copy the contents to the clipboard the program cod...

7.4AI score
Exploits0
myhack58
myhack58
added 2012/09/16 12:0 a.m.52 views

Sogou mobile phone input method sites exist SQL injection vulnerability-vulnerability warning-the black bar safety net

Vulnerability type: SQL injection vulnerability Hazard rating: low The self-assessment Rank of: 5 Vulnerability status: the vendor has confirmed Brief description: Browse sogou input method web site, found that the presence ofSQL injectionvulnerabilities. Detailed description: 1...

7.9AI score
Exploits0
myhack58
myhack58
added 2012/08/12 12:0 a.m.52 views

Joomla FireBoard component(com_fireboard) SQL injection and fix-vulnerability warning-the black bar safety net

Effects version 7. 3 Program description Joomla is a free and open source content management system CMS for publishing content on the World Wide Web and intranets and a model–view–controller MVC Web application framework that can also be used independently. Joomla is written in PHP, uses...

0.3AI score
Exploits0
myhack58
myhack58
added 2006/06/24 12:0 a.m.52 views

MSN Messnger chat history intercepted and the encryption-vulnerability warning-the black bar safety net

MSN Messenger is the Microsoft Corp launched instant messaging software. MSN Messenger with its excellent performance and easy operation, it has been among the of currently the world's most widely used IM softwareinstant messaging software, in domestic also has many users, is the only one can and...

6.7AI score
Exploits0
myhack58
myhack58
added 2019/08/13 12:0 a.m.51 views

Win10 security warning: the Super 40 Drive-in there is a security vulnerability-vulnerability warning-the black bar safety net

! In the computer, the hardware is the Software Foundation. And the drive to play the makeOSknow of hardware components and interact with the role. The driver code allows theoperating systemthe kernel and the hardware to communicate, than normal user and system administrator permissions to be...

2.1AI score
Exploits0
myhack58
myhack58
added 2017/09/29 12:0 a.m.51 views

For Fibaro home center regulation device of the remote executable command flaws vulnerability oday studies-vulnerability and early warning-the black bar safety net

In my everyday ordinary su interest of time, I match the hobby to discuss some of the smart home and Internet of things equipment the coherence of hardware and software. Recently this period of time, I was known in the workshops of the equipment the adoption of network security solutions. In my...

7.7AI score
Exploits0
myhack58
myhack58
added 2017/08/09 12:0 a.m.51 views

See my how-to the Apache fuzzing and dig to a value of 1500 knife of vulnerability-vulnerability warning-the black bar safety net

Target In the AFL in the view of the Apache httpd server's crash logs, I found a lot of problems. For example, some crash testing with example in fuzz testing tools internal collapse, but also affect the test program stability. In this article, I will talk to you to explain the test case to crash...

7.8AI score
Exploits0
myhack58
myhack58
added 2017/06/24 12:0 a.m.51 views

CVE-2011-3478 SYMANTEC PCANYWHERE remote code execution vulnerability-vulnerability warning-the black bar safety net

6 May 20, the end of the Xinjiang trip, and then to the blog for the move, since the Subdomain immediately to stop the pay service, after the Subdomain of the team of the center of gravity also from the Subdomain to transfer to the Bitcron, so I will also blog from a Subdomain to transfer to the...

0.3AI score0.39308EPSS
Exploits10
myhack58
myhack58
added 2017/03/13 12:0 a.m.52 views

S2-045: Apache Struts2 remote code execution RCE)vulnerability analysis-vulnerability warning-the black bar safety net

This article is mainly on the Apache Struts2(S2-045)vulnerability to the principle of analysis. Apache Struts2 using the Jakarta Multipart parser plug-ins the presence of a remote code execution vulnerability. Can be configured through the Content-Type value to trigger the vulnerability, causing...

1.2AI score
Exploits0
myhack58
myhack58
added 2016/11/26 12:0 a.m.51 views

Overflow using FILE structure-vulnerability warning-the black bar safety net

Recently, the Shanghai University student network security game it only shows a title pwn450, for not a lot of me, and instantly rip off forced, but the gangster or gangster, and finally was quite what the Yankees do come up, but anyway I didn't make out, and finally see explanations, with two...

7.9AI score
Exploits0
myhack58
myhack58
added 2016/11/17 12:0 a.m.51 views

The Linux explosion of new vulnerabilities, long-press the ENTER key 7 0 seconds to get root access-vulnerability warning-the black bar safety net

! Press and hold the Enter 7 0 seconds, a hacker can be in linux system to bypass the authentication, and then obtain root permissions, and can remotely control through encrypted linux system. Vulnerability sources This security comes from the Cryptsetup presence of a vulnerabilityCVE-2 0 1 6-4 4...

Exploits0
myhack58
myhack58
added 2016/05/11 12:0 a.m.51 views

GitLab expose serious vulnerabilities, providing patch-vulnerability warning-the black bar safety net

GitLab has just announced to fix a series of important security issues, including an important elevation of Privilege. GitLab is strongly recommended that all installed 8. 2 and the subsequent version of the user as soon as possible to upgrade. GitLab has discovered a serious vulnerability that...

0.2AI score
Exploits0
myhack58
myhack58
added 2016/01/27 12:0 a.m.51 views

Lenovo eggplant fast pass(Lenovo ShareIT is exposed to many vulnerabilities-vulnerability warning-the black bar safety net

Lenovo ShareIT(eggplant fast pass service is proof there is a hard-coded password, information leakage, sensitive information is not encrypted, unauthorized vulnerability, bug submitter from Core Security Consulting team the security researcher Ivan Huertas, this report from the same team of...

0.2AI score
Exploits0
myhack58
myhack58
added 2013/01/03 12:0 a.m.51 views

Struts2 vulnerability analysis of the Ognl expression characteristics of the initiator of the idea-vulnerability warning-the black bar safety net

0×0 1 Summary 0×0 2 background and principles of analysis 0×0 3 example simulation and tracking 0×0 4 Summary 0×0 1 Summary: In the Ognl expression, will be the brackets“”contains the variable content as a Ognl expression execution. Ognl expressions of this characteristic, triggering a new attack...

1.2AI score
Exploits0
myhack58
myhack58
added 2011/10/03 12:0 a.m.51 views

Vivvo CMS-local file include and fix-vulnerability warning-the black bar safety net

Title: Vivvo CMS - Local File include ! Author: JaBrOtxHaCkEr www. Email My ^ ^ ! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! Defects program Vivvo CMS is an intuitive content management system atop a powerful programming framework, empowering numerous industry leading online newspapers,...

2.3AI score
Exploits0
myhack58
myhack58
added 2010/04/07 12:0 a.m.51 views

Fckeditor exploit method summary-vulnerability warning-the black bar safety net

From:http://huairen.me/archives/369.html 1. View Editor Version FCKeditor/whatsnew.html ------------------------------------------------------------- 2. Version 2.2 version Apache+linux environments in the upload files back plus a. Breakthrough! Test passed...

7AI score
Exploits0
myhack58
myhack58
added 2009/10/09 12:0 a.m.51 views

Talking about the Ring0 privilege of obtain-vulnerability warning-the black bar safety net

Recently been trying to write a program to kill 3 6 0, but encountered a lot of trouble, even if elevated, the 能干 掉 Winlogon.exe 也 干 不 掉 360tray.exe depressed for half a day. Don't know 3 6 0 what weird means. Then find the Find the previous comparison of the bovine X-virus Panda burning incense...

0.4AI score
Exploits0
myhack58
myhack58
added 2009/05/23 12:0 a.m.51 views

mb_ereg(i)_replace()code injection vulnerability, and extending the regular application of security-vulnerability warning-the black bar safety net

Source: http://www.80vul.com/pch/pch-003.txt mberegireplacecode injection vulnerability, and extends out of the regular application security author: ryatwolvez.org team:http://www.80vul.com date:2009-04-30 A description of the classification mberegreplaceis the support of multibyte regular...

8.3AI score
Exploits0
myhack58
myhack58
added 2007/04/28 12:0 a.m.51 views

DNS RPC analysis-vulnerability warning-the black bar safety net

Author: cloud Shu Date: 2007-04-27 http://www.ph4nt0m.org According to the security Bulletin for the vulnerability description, vulnerability occurs in the dns. exe program in the DnssrvQuery Function, This function is an RPC function, allows clients to make remote calls. First with IDA on dns. e...

0.1AI score
Exploits0
myhack58
myhack58
added 2006/11/28 12:0 a.m.51 views

Hack tricks with QQ skin to do a backdoor invasion-vulnerability warning-the black bar safety net

A few days ago lcx prompted to say and QQ overflow vulnerability, and then suddenly the reminders I used to have a few QQ. vbs file didn't seriously go read it. So into the directory looking for it, this look does not matter Ah, almost weighs that. The original We for QQ of operation is like this...

0.1AI score
Exploits0
myhack58
myhack58
added 2018/12/07 12:0 a.m.50 views

Kubernetes user privilege elevation vulnerability, the exposure to security risks-vulnerability warning-the black bar safety net

Recently, Kubernetes open source container software found a key of a user privilege elevation vulnerability, CVE-2018-1002105, which software is today most of the cloud infrastructure of the fixed component. This vulnerability can allow an attacker unrestricted remote access, steal data, or cause...

0.1AI score0.86978EPSS
Exploits10
myhack58
myhack58
added 2018/03/09 12:0 a.m.50 views

Cisco products in the presence of severe hard-coded password vulnerabilities and Java deserialization vulnerability-vulnerability warning-the black bar safety net

Recently, Cisco released 22 security Bulletin, which includes two important fixes: fixes a hard-coded password Vulnerability CVE-2018-0141 and a Java deserialization Vulnerability, CVE-2018-0147 to. ! Hard-coded password vulnerability Hard-coded password vulnerability affecting Cisco Prime...

2.2AI score0.18554EPSS
Exploits0
myhack58
myhack58
added 2017/09/08 12:0 a.m.50 views

The Struts S2-052 vulnerability bug bounce Shell test-vulnerability warning-the black bar safety net

S2-052 had burst a few days, I also join in the fun hurry up and build the case feel a bit. Don't rest is how, me just beginning the test of time, feel able to fulfil the Royal Decree of unparalleled unlimited: there is no echo, the creation of a designated content files are very difficult, and...

7AI score
Exploits0
myhack58
myhack58
added 2017/05/20 12:0 a.m.50 views

The Uber platform coming out of authentication vulnerabilities, exploit the vulnerability can reset any account password-loophole warning-the black bar safety net

Italian security expert Vincenzo C. Aka found the Uber platform authentication vulnerabilities, any account can use this vulnerability to reset the password, this discovery yesterday officially announced. In fact, the initiator of the“authentication crisis”the vulnerability is in the seven months...

0.1AI score
Exploits0
myhack58
myhack58
added 2017/01/19 12:0 a.m.50 views

In Python reconstructed vsFTPd Backdoor vulnerability-vulnerability warning-the black bar safety net

0×01 Preface Hello everyone, first of all to a statement of the purpose of this article is not to analyze the vsFTPd Backdoor vulnerability, I recently like to use the vulnerability to write the Trojan in the form of to practice a programming language, in this paper, we will re-use the Python to ...

0.1AI score
Exploits0
myhack58
myhack58
added 2016/10/29 12:0 a.m.50 views

From Old exploits to new vulnerabilities – iMessage 0day(CVE-2 0 1 6-1 8 4 3) Tap record-vulnerability warning-the black bar safety net

0x01 introduction Note: in the article“0day”in the report to the official after the assigned vulnerability ID: CVE-2 0 1 6-1 8 4 3 A few days ago a foreigner posted a 3 month update to fix iMessage xssVulnerability, CVE-2 0 1 6-1 7 6 4)details:...

6.9AI score0.02645EPSS
Exploits0
myhack58
myhack58
added 2016/08/31 12:0 a.m.50 views

Windows 8.1 kernel exploit—CVE-2 0 1 4-4 1 1 3 vulnerability analysis-vulnerability warning-the black bar safety net

! 1. Case description: 2 0 1 4 years 1 0 month 1 4 day, CrowdStrike and FireEye, two IT companies each publish a blog post, in which are invariably introduced a Windows-based system to the new kernel privilege elevation vulnerability. CrowdStrike, the company mentioned in the article: they are on...

0.5AI score
Exploits0
myhack58
myhack58
added 2016/03/16 12:0 a.m.50 views

iOS song of ice and fire fan outside the post - App Hook the Q & A and iOS 9 bash shell-vulnerability warning-the black bar safety net

In the previous Chapter we talked about in a non-jailbreak iOS on the App Hook. Using this technique, you can be in a non-jailbreak iOS on the system to achieve a variety of hook features, e.g., micro-channel auto-grab a red envelope, the automatic chat robot, game plug-in, etc. But because of...

6.9AI score
Exploits0
myhack58
myhack58
added 2015/04/13 12:0 a.m.50 views

Hacking the D-Link DIR-890L-vulnerability warning-the black bar safety net

Before 6 months and D-Link are constantly below the belt, to put my whole head spinning with. Today I want to have some fun, visit their website, the result saw the appalling scene: ! D-Link’s $3 0 0 the DIR-890L router This router runs on firmware has many bugs, and the most perverted place that...

Exploits0
myhack58
myhack58
added 2014/10/02 12:0 a.m.50 views

zergRush (CVE-2 0 1 1-3 8 7 4) mention the right vulnerability analysis-vulnerability warning-the black bar safety net

Recent finally turn Android, 2 0 1 1 years of the famous zergrush is the contact of the first ROOT vulnerability. Although it has been, only affects Android 2.2 - 2.3.6, but there is still necessary records about the analysis proceeds. On the market various ROOT tools basic are included zergrush,...

9.3CVSS2.1AI score0.1251EPSS
Exploits0
myhack58
myhack58
added 2013/07/26 12:0 a.m.50 views

shopEx the latest version of the API injection vulnerability analysis attached to the use of the exp-bug warning-the black bar safety net

The defect file: \core\api\payment\2.0\apib2b20paymentcfg.php core\api\payment\1.0\apib2b20paymentcfg.php Section 4 row 4 $data'columns' do not filter lead injection Packed sentence of ShopEx to the API operation the module does not do authentication, any user can access,the attacker can be to th...

7.1AI score
Exploits0
myhack58
myhack58
added 2013/04/17 12:0 a.m.50 views

PHP file include vulnerability details(including the truncated method)-vulnerability warning-the black bar safety net

One, what is”remote file inclusion vulnerability”for? The answer is: the server through the php properties of a function to contain any files, since you want to include this file source filter is not strict, so can go to that contains a malicious file and we can construct the malicious file to...

7.4AI score
Exploits0
myhack58
myhack58
added 2012/07/14 12:0 a.m.50 views

Magento eCommerce Platform XXE Injection exploit-vulnerability warning-the black bar safety net

0x1 In tick-zone xsser the articlezend framework file read vulnerability analysishas reference to magento, the following is one of the original: According to@crickets brother in the clouds on the vulnerability report warns that some open source software because of the use of zend framework's xml...

0.2AI score
Exploits0
myhack58
myhack58
added 2012/06/05 12:0 a.m.50 views

CactiEZ Chinese version of the snmp default community name vulnerability-vulnerability warning-the black bar safety net

| CactiEZ Chinese version, is a monitoring control system; wherein the default snmp settings public, does not modify the result can be read remotely target device to the host information. Such as: snmputil.exe walk 127.0.0.1 public. 1. 3. 6. 1. 2. 1. 2 5. 4. 2. 1. 2 //The process list snmputil.ex...

1.8AI score
Exploits0
myhack58
myhack58
added 2011/07/09 12:0 a.m.50 views

Tech-ex CMS website system 0day releases-vulnerability warning-the black bar safety net

Keywords: Powered By KesionCMS V5. 5 inurl:User/UserReg. asp Step one: access to/user/userreg. asp registered user Step two: access/KSeditor/selectupfiles. asp, check the auto-naming options, upload named as X. asp;X. jpg files Step three: access the Upload file path xm. asp;xm.jpg...

1.7AI score
Exploits0
myhack58
myhack58
added 2010/02/25 12:0 a.m.50 views

VNC Password Authentication bypass vulnerability attack case study-vulnerability warning-the black bar safety net

By this case can learn to: 1for the VNC Password Authentication bypass vulnerability 2The use of VNC Password Authentication bypass exploit tool software overflow vulnerability exists in the computer Bit networkthe expert feature articles on:RealVNCreferred to as VNCsoftware has free edition,...

Exploits0
myhack58
myhack58
added 2009/06/28 12:0 a.m.50 views

Simple get the IIS Guest account(IUSR_XXX)and the start of the process account(IWAM_XXX)password-vulnerability warning-the black bar safety net

Previously wrote a post thereset IIS Guest accountIUSRXXXand the start of the process accountIWAMXXXpassword on, mainly used in accidentally modify the IIS inside the relevant accounts of the case. Today visiting the Bin cattleaspxspy authorof the Blog when suddenly noticed he had an article...

0.3AI score
Exploits0
myhack58
myhack58
added 2007/09/13 12:0 a.m.50 views

Tencent QQ scene vulnerability to the hack of the law-vulnerability and early warning-the black bar safety net

According to analysys international released the 2 0 0 7 in the first 2 quarters of China im market quarterly monitoring report shows, Chinese active IM software account has reached 3. 7 6 million, which has 2. 9 million active user accounts for Tencent QQ is well deserved IM the king. But did yo...

7.4AI score
Exploits0
Total number of security vulnerabilities5000