Kuphakheji eliyigugu elidumile
Ushintsho olunonya lukhipha indlela ethi "#authenticate" ekilasini
Ubunikazi, ngemva kwalokho ucingo lwendlela ngayinye luphumela ku-imeyili nephasiwedi ethunyelwe ngesikhathi somzamo wokuqinisekisa othunyelwa kumsingathi wabahlaseli. Ngale ndlela, imingcele yokungena yabasebenzisi besevisi abasebenzisa i-Identity class kanye nokufaka inguqulo esengozini yelabhulali yekhasimende elisele iyavinjelwa, okuyinto
Ngaphezu kwalokho, i-backdoor yengeziwe kukhodi, okuvumela ikhodi ye-Ruby engafanele isetshenziswe ngomsebenzi we-eval. Ikhodi idluliselwa nge-Cookie egunyazwe ukhiye womhlaseli. Ukuze wazise abahlaseli mayelana nokufakwa kwephakheji eliyingozi kumsingathi wangaphandle, i-URL yesistimu yesisulu kanye nokukhethwa kolwazi mayelana nemvelo, njengamaphasiwedi alondoloziwe we-DBMS namasevisi wamafu, kuthunyelwa. Imizamo yokudawuniloda imibhalo yezimayini ze-cryptocurrency yaqoshwa kusetshenziswa ikhodi enonya eshiwo ngenhla.
Ngemva kokufunda ikhodi enonya kwaba
-
coin_base : 4.2.2, 4.2.1 -
blockchain_wallet : 0.0.6, 0.0.7 -
emangalisayo-bot : 1.18.0 -
i-doge-coin : 1.0.2 -
imibala ye-capistrano : 0.5.5 -
bitcoin_ize : 4.3.3 -
I-lita_coin : 0.0.3 -
kuyeza maduze : 0.2.8 -
omniauth_amazon : 1.0.1 -
cron_parser 1.0.12, 1.0.13, 0.1.4
Iphakethe lokuqala elinonya kulolu hlu lathunyelwa ngoMeyi 12, kodwa iningi lazo lavela ngoJulayi. Sekukonke, lawa maphakheji alandwe izikhathi ezingaba ngu-2500.
Source: opennet.ru