Log for 網路攻防戰~資安閒聊群組

Zeroday 10/5 漏洞公開：

基隆市中正區公所 SQL
https://zeroday.hitcon.org/vulnerability/ZD-2017-00575

卓蘭高中 File Upload Vulnerability
https://zeroday.hitcon.org/vulnerability/ZD-2017-00600

川方企業 多處SQL Bypass XSS
https://zeroday.hitcon.org/vulnerability/ZD-2017-00602

金石堂網路書店 Open Redirect
https://zeroday.hitcon.org/vulnerability/ZD-2017-00604

台南市基督教青年會 SQL 注入
https://zeroday.hitcon.org/vulnerability/ZD-2017-00607

瑪利亞社會福利基金會 SQL Injection Vulnerability
https://zeroday.hitcon.org/vulnerability/ZD-2017-00612

國際扶輪 SQL Injection Vulnerability
https://zeroday.hitcon.org/vulnerability/ZD-2017-00614

台灣好基金會 SQL Injection
https://zeroday.hitcon.org/vulnerability/ZD-2017-00616

成功大學 外文系 系友網站 弱密碼
https://zeroday.hitcon.org/vulnerability/ZD-2017-00538

朝陽科技大學 SQL Injection Vulnerability
https://zeroday.hitcon.org/vulnerability/ZD-2017-00605
https://zeroday.hitcon.org/vulnerability/ZD-2017-00606

朝陽科技大學 Arbitrary File Download Vulnerability
https://zeroday.hitcon.org/vulnerability/ZD-2017-00608
https://zeroday.hitcon.org/vulnerability/ZD-2017-00609
https://zeroday.hitcon.org/vulnerability/ZD-2017-00615

朝陽科技大學 教學中心 分站 XSS
https://zeroday.hitcon.org/vulnerability/ZD-2017-00610

工具：
Netgear ReadyNAS Surveillance 1.4.3-16 Unauthenticated RCE
https://security.szurek.pl/netgear-ready-nas-surveillance-14316-unauthenticated-rce.html

Synology Photo Station 6.7.3-3432 / 6.3-2967 - Remote Code Execution
https://security.szurek.pl/synology-photo-station-673-3432-remote-code-execution.html

QNAP PhotoStation 5.2.4 and MusicStation 4.8.4 Authentication Bypass
https://security.szurek.pl/qnap-photostation-524-musicstation-484-authentication-bypass.html