Aggregator

点击蓝字  关注我们#公众号年度数据报告时光荏苒，不知不觉，2024悄然离去。过去的一年是复旦白泽战队成长最迅速的一年，衷心感谢各位一年来的陪伴。1Part.1粉丝增长步入快车道在过去的一年中，白泽公

复旦白泽团队2024年度报告，请查收~

HomeiOSiPad为什么要每日自拍？听到这三个理由，我心动了｜SelfieStory 自拍照片转延时视频应用

A vulnerability was found in Crossnuke Nukebrowser up to 2.41. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file nukebrowser.php. The manipulation of the argument filhead leads to code injection. This vulnerability is known as CVE-2003-1436. The attack can be launched remotely. Furthermore, there is an exploit available.

JM.SNAPSHOT.PATH and JM.LOG.PATHnacos client log 冲突JM.SNAPSHOT.PATH and JM.LOG.PA

前言服务器到期了才发现博客已经超过2年没有更新了，虽然博客的时代早已过去，但是留下一些记录总归算是积攒一些情怀。恰好腾讯搞活动，重新开了一台3年的轻云服务，把博客和一些零小服务迁过来，一直在用的...

A vulnerability classified as critical has been found in xlock. Affected is an unknown function. The manipulation leads to memory corruption. This vulnerability is traded as CVE-1999-0038. Attacking locally is a requirement. Furthermore, there is an exploit available.

本文同步发表在 HamCQ 论坛：forum.hamcq.cn/d/4271 由于笔者比较社恐且不习惯直接喊话，因此在考 B 之前并未进行太多通联。在考取 B 证后笔者成为了社畜，加上住处电磁环境复杂导致购买了设备之后也没怎么使用过，直到前几天才在学弟的鼓励下开始尝试 FT8 通联，遇到了以下情况： 笔者苦于协谷 X6100 原生固件的不足，也没钱没空间买新的设备，因此希望寻找改进协谷 X6100 固件的方法，在一番搜索过后，笔者找到了协谷 X6100 的替代固件并兴致勃勃地摸索它的功能。笔者希望能趁着这股新鲜劲对业余无线电的一些基础知识和设备使用进行学习，本文则尝试简单介绍一下该替代固件和...

...

本文同步发表在 HamCQ 论坛：https://forum.hamcq.cn/d/4271由于笔者比较社恐且不习惯直接喊话，因此在考 B 之前并未进行太多通联。在考取 B 证后笔者成为了社畜，

A vulnerability classified as critical was found in zhenfeng13 My-Blog 1.0. Affected by this vulnerability is the function upload of the file src/main/java/com/site/blog/my/core/controller/admin/uploadController. java. The manipulation of the argument file leads to unrestricted upload. This vulnerability is known as CVE-2024-13145. The attack can be launched remotely. Furthermore, there is an exploit available.

A vulnerability classified as critical has been found in zhenfeng13 My-Blog 1.0. Affected is the function uploadFileByEditomd of the file src/main/java/com/site/blog/my/core/controller/admin/BlogController.java. The manipulation of the argument editormd-image-file leads to unrestricted upload. This vulnerability is traded as CVE-2024-13144. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

Submit #469221 / VDB-290233

Submit #469220 / VDB-290232

A vulnerability was found in ZeroWdd studentmanager 1.0. It has been rated as problematic. This issue affects the function submitAddPermission of the file src/main/java/com/zero/system/controller/PermissionController. java. The manipulation of the argument url leads to cross site scripting. The identification of this vulnerability is CVE-2024-13143. The attack may be initiated remotely. Furthermore, there is an exploit available. Other parameters might be affected as well.

A vulnerability was found in ZeroWdd studentmanager 1.0. It has been declared as problematic. This vulnerability affects the function submitAddRole of the file src/main/java/com/zero/system/controller/RoleController. java. The manipulation of the argument name leads to cross site scripting. This vulnerability was named CVE-2024-13142. The attack can be initiated remotely. There is no exploit available.

Submit #469217 / VDB-290231

Submit #469213 / VDB-290230

di Marco SchiaffinoPotrebbe essere una delle operazioni di cyber-spionaggio più clamorose di sempre.

A vulnerability was found in Kaspersky Anti-Virus up to 8.0.4. It has been rated as problematic. This issue affects some unknown processing. The manipulation of the argument scriptName as part of Parameter leads to cross site scripting. The identification of this vulnerability is CVE-2017-9813. The attack may be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.