Understanding the Recent Vulnerability in CMSsite 1.0 CMSsite 1.0 recently faced a significant security threat due to a SQL injection vulnerability (CVE-2019-25674). This vulnerability allows unauthenticated attackers to manipulate database queries by injecting malicious SQL code. Such vulnerabilities can lead to unauthorized access to sensitive database information, making it crucial for system administrators and hosting […]

Understanding the eDirectory SQL Injection Vulnerability The recent discovery of multiple SQL injection vulnerabilities in eDirectory has raised significant concerns among system administrators and hosting providers. This vulnerability (CVE-2019-25675) allows attackers to bypass authentication and access sensitive files without any prerequisite credentials. What is CVE-2019-25675? This vulnerability is specifically tied to SQL injection, which is […]

Understanding the Recent Vulnerability in CMSsite 1.0 CMSsite 1.0 recently faced a significant security threat due to a SQL injection vulnerability (CVE-2019-25674). This vulnerability allows unauthenticated attackers to manipulate database queries by injecting malicious SQL code. Such vulnerabilities can lead to unauthorized access to sensitive database information, making it crucial for system administrators and hosting […]

Understanding the eDirectory SQL Injection Vulnerability The recent discovery of multiple SQL injection vulnerabilities in eDirectory has raised significant concerns among system administrators and hosting providers. This vulnerability (CVE-2019-25675) allows attackers to bypass authentication and access sensitive files without any prerequisite credentials. What is CVE-2019-25675? This vulnerability is specifically tied to SQL injection, which is […]

The social media and the cybersecurity sites were blowing up when Drupal published their latest vulnerability (SA-CORE-2019-003). It’s not a surprise that this remote code execution vulnerability got a highly critical label, as hackers could easily hack your Drupal 8 websites. But BitNinja users shouldn’t have to worry for any minute, as they were protected […]

Do you remember the new version of the Hello Peppa botnet? At the end of 2018, it was welcomed into 2019 slightly early, and the January botnet started to spread. Well, it wouldn’t be funny, if the botnet would still send the „J4nur4ry” in the Post Data when we are already over January… So, here […]

The new year inspired us and brought new vibes to our office. Our tech ninjas are developing several new badass features. Besides the new features, we are also improving our existing modules as well. Last week, the SenseLog module became enriched with 4 new rules and another rule has been updated. Here is a list […]

A few years ago, our web hosting company experienced heavy difficulties with the different kinds of cyberattacks. The things became so bad that we started to lose customers because they obviously perceived the consequences of the vulnerable servers. We couldn’t bear it anymore and decided to take over the control of the cyberwar. That’s how […]

At the beginning of the year we released our brand-new FtpCaptcha module, and of course, we were so excited about receiving the first incidents. However, we didn’t think that the very first logs will be such eye-catching. We detected a not so well-known botnet, and we didn’t find an article about it (only a few […]

WordPress is the most known CMS in the world currently (WordPress runs 32% of the entire internet), we hear that it is the easiest CMS to handle, to install and to use. Taking all these information into account, we would think that it is safe as a house. Wrong! It might be easy to use, […]

We’d like to start this year with a great announcement. Our purpose is to help make your servers safe and your service reliable. Your customers’ satisfaction is as much important for us as it is for you. That’s why we created a brand-new feature in order to make BitNinja more convenient for your users. This […]

As we look back now, it is amazing to remember all the things we achieved together and all the threats BitNinja saved us from since the start of the year. Here’s a five minute summary of what we have been up to in 2018. Hacker-free new year to everyone! See you in 2019! Thank you […]

A few months ago our Attack Vector Miner discovered a new botnet, that we simply call „Hello Peppa botnet”. Now, this botnet welcomes the new year in a new mask. Specifics of this botnet Its behaviour stayed the same, like what we mentioned in the case of the Hello Peppa: Checks backdoors which remained from […]

Understanding CVE-2019-25676 The cybersecurity landscape is constantly evolving, and recently a high-impact vulnerability has emerged concerning the Ask Expert Script 3.0.5. This vulnerability, known as CVE-2019-25676, exposes systems to significant risks from unauthenticated attackers. Understanding its implications is crucial for all system administrators and hosting providers. What is CVE-2019-25676? CVE-2019-25676 is a critical vulnerability that […]

Introduction to CVE-2019-25678 CVE-2019-25678 reveals critical SQL injection vulnerabilities in the C4G Basic Laboratory Information System (BLIS) version 3.4. This security flaw allows attackers to execute arbitrary SQL commands. Server administrators and hosting providers must understand the implications to safeguard their systems. Understanding the Threat Attackers can exploit these vulnerabilities by sending GET requests to […]

Understanding CVE-2026-5538 and Its Impact on Server Security A recently discovered vulnerability, CVE-2026-5538, has been identified in QingdaoU OnlineJudge software, affecting versions up to 1.6.1. This vulnerability allows for server-side request forgery, which can be exploited remotely. System administrators and hosting providers must be vigilant to protect their infrastructures against this type of attack. Details […]