关于灵悉 此代码为灵悉项目服务端代码 [19/05/18] 1、引入Swagger2,生成接口文档,服务启动后访问 2、引入dom4j解析xml,加入简单的token校验 3、诸多配置项,希望有所收获 4、补充,提升fastjson版本号,原因低版本存在漏洞,详见CVE-2017-18349 [18/09/29] 1、rss代码更新,同步app服务 2、动态评论
parseObject in Fastjson prior to 1.2.25, as used in FastjsonEngine in Pippo 1.11.0 and other products, allows remote attackers to execute arbitrary code via a crafted JSON request, as demonstrated by a crafted rmi:// URI in the dataSourceName field of HTTP POST data to the Pippo /json URI, which is mishandled in AjaxApplication.java.
关于灵悉 此代码为灵悉项目服务端代码 [19/05/18] 1、引入Swagger2,生成接口文档,服务启动后访问 2、引入dom4j解析xml,加入简单的token校验 3、诸多配置项,希望有所收获 4、补充,提升fastjson版本号,原因低版本存在漏洞,详见CVE-2017-18349 [18/09/29] 1、rss代码更新,同步app服务 2、动态评论
clocwalk Project code and dependent component analysis tools Dependent installation npm install -g cloc # wwwnpmjscom/package/cloc sudo apt install cloc # Debian, Ubuntu sudo yum install cloc # Red Hat, Fedora sudo dnf install cloc # Fedora 22 or later sudo pacman -S cloc
VulInfo These are the vulnerabilities discovered by Galaxy Lab D-Link DIR-846 CVE-2018-16408: Remote code execution Credit: bigbear CVE-2018-16823:Remote code execution Credit: bigbear CVE-2018-16830:Change admin password Credit: bigbear CVE-2018-16824:Turn off verification Credit: bigbear CVE-2018-16828:Unauthorized syslog file download Credit: bigbear CVE-2018-16827:Un