Understanding the Recent Vulnerability in CMSsite 1.0 CMSsite 1.0 recently faced a significant security threat due to a SQL injection vulnerability (CVE-2019-25674). This vulnerability allows unauthenticated attackers to manipulate database queries by injecting malicious SQL code. Such vulnerabilities can lead to unauthorized access to sensitive database information, making it crucial for system administrators and hosting […]

Understanding the eDirectory SQL Injection Vulnerability The recent discovery of multiple SQL injection vulnerabilities in eDirectory has raised significant concerns among system administrators and hosting providers. This vulnerability (CVE-2019-25675) allows attackers to bypass authentication and access sensitive files without any prerequisite credentials. What is CVE-2019-25675? This vulnerability is specifically tied to SQL injection, which is […]

Understanding the Recent Vulnerability in CMSsite 1.0 CMSsite 1.0 recently faced a significant security threat due to a SQL injection vulnerability (CVE-2019-25674). This vulnerability allows unauthenticated attackers to manipulate database queries by injecting malicious SQL code. Such vulnerabilities can lead to unauthorized access to sensitive database information, making it crucial for system administrators and hosting […]

Understanding the eDirectory SQL Injection Vulnerability The recent discovery of multiple SQL injection vulnerabilities in eDirectory has raised significant concerns among system administrators and hosting providers. This vulnerability (CVE-2019-25675) allows attackers to bypass authentication and access sensitive files without any prerequisite credentials. What is CVE-2019-25675? This vulnerability is specifically tied to SQL injection, which is […]

Since the first emergence of computer viruses and botnets, the number of infected machines is growing day by day. The rapid development of IT not only brought increased comfort to our life, but the vulnerability of our personal data as well.  In parallel with the evolution of technical devices, hackers became more sensible, aggressive and […]

There are many ways your server can be compromised. In this article, I try to sum up the top 5 signs, which show your server has been compromised through your website. Your website is a very vulnerable part of your server, so many attacks targeting this interface. Not only big enterprises, like Sony or Apple, […]

Do you like going to conferences? We really do! Not just because of the fizzing atmosphere, hot topics and mind-blowing technologies. It’s you guys, who we like to meet in person at an exhibition. BitNinja users are from all over the world now from the US to Singapore. And these events provide such a great […]

A long time ago, in a galaxy far, far away … Ohh wait, it’s just happening. Yeah, one of the most anticipated ninja modules, the ‘gorgeous’ Port Honeypot has been released.  I know what you are thinking now “How can it be gorgeous? But seriously, this is about a security function”.  Let me introduce you […]

The holidays are over already, and hackers didn’t sleep at all during that time. Yeah, a critical Joomla vulnerability is on board again. To tell the truth, this 0-day remote command execution vulnerability is already 3-weeks old, but it can still cause headache for owners using versions from 1.5 to 3.4. It is a quite […]

We are so proud and excited to announce that BitNinja team is one of the eight selected startups in Cyber London’s second accelerator programme. It has been a long-awaited goal of us which is a perfect opportunity to rise BitNinja to the next level. It means lots of passionate work, helpful mentorship and a dynamic environment to […]

2015 was a big year both for our team and for you who use BitNinja on your servers to make the Internet a safer place. We are so proud of our community, full of committed and passionate hacker hunters. A lot has happened this year and now, nearing the end of it, it feels good […]

Mystery is on the horizon, ladies and gentlemen! And we always get excited about unappreciated server attacks. Just like in case of this ‘abdulkarrem’ one. Come, put on the role of Sherlock Holmes with us. Recently, there is a very frequent attack type. More and more sysadmin experience and complain about malicious request like these: […]

BitNinja has two very efficient detection modules. Log analysis and DoS detection does a great job in filtering attacks, but they are lack of one very important thing. Log analysis can only work on requests already reached your server. There are attacks like login brute force attacks, where it is not a problem as there […]

Understanding CVE-2019-25676 The cybersecurity landscape is constantly evolving, and recently a high-impact vulnerability has emerged concerning the Ask Expert Script 3.0.5. This vulnerability, known as CVE-2019-25676, exposes systems to significant risks from unauthenticated attackers. Understanding its implications is crucial for all system administrators and hosting providers. What is CVE-2019-25676? CVE-2019-25676 is a critical vulnerability that […]

Introduction to CVE-2019-25678 CVE-2019-25678 reveals critical SQL injection vulnerabilities in the C4G Basic Laboratory Information System (BLIS) version 3.4. This security flaw allows attackers to execute arbitrary SQL commands. Server administrators and hosting providers must understand the implications to safeguard their systems. Understanding the Threat Attackers can exploit these vulnerabilities by sending GET requests to […]

Understanding CVE-2026-5538 and Its Impact on Server Security A recently discovered vulnerability, CVE-2026-5538, has been identified in QingdaoU OnlineJudge software, affecting versions up to 1.6.1. This vulnerability allows for server-side request forgery, which can be exploited remotely. System administrators and hosting providers must be vigilant to protect their infrastructures against this type of attack. Details […]