Detik News- Exploit DB
- [webapps] Client Management System 1.1 - 'cname' Stored Cross-site scripting (XSS) August 4, 2021Client Management System 1.1 - 'cname' Stored Cross-site scripting (XSS)
- [webapps] WordPress Plugin WP Customize Login 1.1 - 'Change Logo Title' Stored Cross-Site Scripting (XSS) August 4, 2021WordPress Plugin WP Customize Login 1.1 - 'Change Logo Title' Stored Cross-Site Scripting (XSS)
- [webapps] qdPM 9.1 - Remote Code Execution (RCE) (Authenticated) August 4, 2021qdPM 9.1 - Remote Code Execution (RCE) (Authenticated)
- [webapps] qdPM 9.2 - DB Connection String and Password Exposure (Unauthenticated) August 4, 2021qdPM 9.2 - DB Connection String and Password Exposure (Unauthenticated)
- [webapps] ApacheOfBiz 17.12.01 - Remote Command Execution (RCE) via Unsafe Deserialization of XMLRPC arguments August 4, 2021ApacheOfBiz 17.12.01 - Remote Command Execution (RCE) via Unsafe Deserialization of XMLRPC arguments
- [webapps] Hotel Management System 1.0 - Cross-Site Scripting (XSS) Arbitrary File Upload Remote Code Execution (RCE) August 3, 2021Hotel Management System 1.0 - Cross-Site Scripting (XSS) Arbitrary File Upload Remote Code Execution (RCE)
- [webapps] Men Salon Management System 1.0 - SQL Injection Authentication Bypass August 2, 2021Men Salon Management System 1.0 - SQL Injection Authentication Bypass
- [remote] Neo4j 3.4.18 - RMI based Remote Code Execution (RCE) August 2, 2021Neo4j 3.4.18 - RMI based Remote Code Execution (RCE)
- [webapps] Online Hotel Reservation System 1.0 - 'Multiple' Cross-site scripting (XSS) August 2, 2021Online Hotel Reservation System 1.0 - 'Multiple' Cross-site scripting (XSS)
- [webapps] Panasonic Sanyo CCTV Network Camera 2.03-0x - 'Disable Authentication / Change Password' CSRF August 2, 2021Panasonic Sanyo CCTV Network Camera 2.03-0x - 'Disable Authentication / Change Password' CSRF
- [webapps] Longjing Technology BEMS API 1.21 - Remote Arbitrary File Download July 29, 2021Longjing Technology BEMS API 1.21 - Remote Arbitrary File Download
- [webapps] Care2x Integrated Hospital Info System 2.7 - 'Multiple' SQL Injection July 29, 2021Care2x Integrated Hospital Info System 2.7 - 'Multiple' SQL Injection
- [webapps] CloverDX 5.9.0 - Cross-Site Request Forgery (CSRF) to Remote Code Execution (RCE) July 29, 2021CloverDX 5.9.0 - Cross-Site Request Forgery (CSRF) to Remote Code Execution (RCE)
- [webapps] Oracle Fatwire 6.3 - Multiple Vulnerabilities July 29, 2021Oracle Fatwire 6.3 - Multiple Vulnerabilities
- [webapps] Denver IP Camera SHO-110 - Unauthenticated Snapshot July 29, 2021Denver IP Camera SHO-110 - Unauthenticated Snapshot
- [webapps] Client Management System 1.1 - 'cname' Stored Cross-site scripting (XSS) August 4, 2021
Category Archives: IT
Menonaktifkan Open DNS Server BIND
Beberapa waktu lalu, tim abuse dari salah satu penyedia VPS (Virtual Private Server) yang saya gunakan meneruskan email komplain ke saya terkait dengan digunakannya server VPS saya sebagai reflektor serangan DDoS ke server di Eropa. Setelah saya cek, ternyata ada … Continue reading
Posted in IT, Security, Tips and Tricks
Leave a comment
[Update] WordPress 0day XSS Vulnerability
Buat teman-teman yang mempunyai website/blog menggunakan wordpress, diharapkan segera melakukan update ke wordpress terbaru 4.2.1 berhubung adanya vulnerability 0day XSS dimana penyerang bisa membuat komentar di post/page manapun dan menyisipkan script XSS yang bisa mendapatkan/eksekusi perintah di server. Referensi bisa … Continue reading
NAWALA Block Yahoo Email MX
Hari ini saya menerima laporan dari teman saya bahwa server emailnya tidak bisa mengirim email ke Yahoo (yang di coba yahoo.com, yang top level domain atau country level domain seperti yahoo.co.id, belum dicoba) sementara ke email server tujuan lain misalnya … Continue reading
Missing DNS kalpin.us di CloudFlare
Pagi ini mendapatkan alert dari google bahwa situs blog pribadi saya http://www.kalpin.us gagal diakses dengan rate diatas 85% dengan error code DNS Not Found. Setelah saya lakukan pengecekan melalui intodns.com, sepertinya ada 2 DNS cloudflare yang diassign ke domain saya … Continue reading
Ngeblog mobile
Mengingat jarang di depan pc untuk update blog, maka diputuskan menginstall wordpress for blackberry. Happy blogging.