Detik News- Exploit DB
- [webapps] Wp2Fac - OS Command Injection September 8, 2023Wp2Fac - OS Command Injection
- [webapps] Wordpress Plugin Elementor 3.5.5 - Iframe Injection September 8, 2023Wordpress Plugin Elementor 3.5.5 - Iframe Injection
- [remote] GOM Player 2.3.90.5360 - Remote Code Execution (RCE) September 8, 2023GOM Player 2.3.90.5360 - Remote Code Execution (RCE)
- [webapps] soosyze 2.0.0 - File Upload September 8, 2023soosyze 2.0.0 - File Upload
- [remote] Techview LA-5570 Wireless Gateway Home Automation Controller - Multiple Vulnerabilities September 8, 2023Techview LA-5570 Wireless Gateway Home Automation Controller - Multiple Vulnerabilities
- [webapps] Axigen < 10.3.3.47, 10.2.3.12 - Reflected XSS September 8, 2023Axigen < 10.3.3.47, 10.2.3.12 - Reflected XSS
- [webapps] Drupal 10.1.2 - web-cache-poisoning-External-service-interaction September 8, 2023Drupal 10.1.2 - web-cache-poisoning-External-service-interaction
- [webapps] Jorani v1.0.3-(c)2014-2023 - XSS Reflected & Information Disclosure September 8, 2023Jorani v1.0.3-(c)2014-2023 - XSS Reflected & Information Disclosure
- [webapps] SPA-Cart eCommerce CMS 1.9.0.3 - SQL Injection September 8, 2023SPA-Cart eCommerce CMS 1.9.0.3 - SQL Injection
- [dos] SyncBreeze 15.2.24 - 'login' Denial of Service September 8, 2023SyncBreeze 15.2.24 - 'login' Denial of Service
- [local] GOM Player 2.3.90.5360 - Buffer Overflow (PoC) September 8, 2023GOM Player 2.3.90.5360 - Buffer Overflow (PoC)
- [webapps] CSZ CMS 1.3.0 - Stored Cross-Site Scripting (Plugin 'Gallery') September 4, 2023CSZ CMS 1.3.0 - Stored Cross-Site Scripting (Plugin 'Gallery')
- [webapps] AdminLTE PiHole 5.18 - Broken Access Control September 4, 2023AdminLTE PiHole 5.18 - Broken Access Control
- [local] Freefloat FTP Server 1.0 - 'PWD' Remote Buffer Overflow September 4, 2023Freefloat FTP Server 1.0 - 'PWD' Remote Buffer Overflow
- [local] Kingo ROOT 1.5.8 - Unquoted Service Path September 4, 2023Kingo ROOT 1.5.8 - Unquoted Service Path
- [webapps] Wp2Fac - OS Command Injection September 8, 2023
Category Archives: IT
Menonaktifkan Open DNS Server BIND
Beberapa waktu lalu, tim abuse dari salah satu penyedia VPS (Virtual Private Server) yang saya gunakan meneruskan email komplain ke saya terkait dengan digunakannya server VPS saya sebagai reflektor serangan DDoS ke server di Eropa. Setelah saya cek, ternyata ada … Continue reading
Posted in IT, Security, Tips and Tricks
Leave a comment
[Update] WordPress 0day XSS Vulnerability
Buat teman-teman yang mempunyai website/blog menggunakan wordpress, diharapkan segera melakukan update ke wordpress terbaru 4.2.1 berhubung adanya vulnerability 0day XSS dimana penyerang bisa membuat komentar di post/page manapun dan menyisipkan script XSS yang bisa mendapatkan/eksekusi perintah di server. Referensi bisa … Continue reading
NAWALA Block Yahoo Email MX
Hari ini saya menerima laporan dari teman saya bahwa server emailnya tidak bisa mengirim email ke Yahoo (yang di coba yahoo.com, yang top level domain atau country level domain seperti yahoo.co.id, belum dicoba) sementara ke email server tujuan lain misalnya … Continue reading
Missing DNS kalpin.us di CloudFlare
Pagi ini mendapatkan alert dari google bahwa situs blog pribadi saya http://www.kalpin.us gagal diakses dengan rate diatas 85% dengan error code DNS Not Found. Setelah saya lakukan pengecekan melalui intodns.com, sepertinya ada 2 DNS cloudflare yang diassign ke domain saya … Continue reading
Ngeblog mobile
Mengingat jarang di depan pc untuk update blog, maka diputuskan menginstall wordpress for blackberry. Happy blogging.