checking the debug of the website today, I stumbled upon several strange records: I don t understand why a request to https: *.12306.cn is directed to my server here are the Request Headers of several requests 1. POST https: epay.12306.cn ...
the server is on Aliyun. When we dock with a third party, we give them the access address of our server. Although it is a pure interface interaction, this server is also the address where we access the background management system. Whether this will caus...
made a management system for government departments, and later asked us to rectify the hidden security problems. One of the requirements is that the file name uploaded by the user cannot contain special characters. is it really possible to attack the ...
explore the following example: 1. Background: A system faces 2 objects and has the following permissions users: you can pay bills, apply for invoices, and apply for refunds Administrator: you can agree to apply and invoice the user, and you can ...
for example, write a service in python. python start.py is the running user root? if so, are there any security risks? ...