Detik News- Exploit DB
- [webapps] OpenCart v3.x Newsletter Module - Blind SQLi May 23, 2022OpenCart v3.x Newsletter Module - Blind SQLi
- [webapps] m1k1o's Blog v.10 - Remote Code Execution (RCE) (Authenticated) May 23, 2022m1k1o's Blog v.10 - Remote Code Execution (RCE) (Authenticated)
- [remote] SDT-CW3B1 1.1.0 - OS Command Injection May 17, 2022SDT-CW3B1 1.1.0 - OS Command Injection
- [webapps] Survey Sparrow Enterprise Survey Software 2022 - Stored Cross-Site Scripting (XSS) May 17, 2022Survey Sparrow Enterprise Survey Software 2022 - Stored Cross-Site Scripting (XSS)
- [webapps] T-Soft E-Commerce 4 - 'UrunAdi' Stored Cross-Site Scripting (XSS) May 17, 2022T-Soft E-Commerce 4 - 'UrunAdi' Stored Cross-Site Scripting (XSS)
- [webapps] T-Soft E-Commerce 4 - SQLi (Authenticated) May 17, 2022T-Soft E-Commerce 4 - SQLi (Authenticated)
- [remote] SolarView Compact 6.0 - OS Command Injection May 17, 2022SolarView Compact 6.0 - OS Command Injection
- [webapps] Showdoc 2.10.3 - Stored Cross-Site Scripting (XSS) May 17, 2022Showdoc 2.10.3 - Stored Cross-Site Scripting (XSS)
- [webapps] College Management System 1.0 - 'course_code' SQL Injection (Authenticated) May 12, 2022College Management System 1.0 - 'course_code' SQL Injection (Authenticated)
- [webapps] Royal Event Management System 1.0 - 'todate' SQL Injection (Authenticated) May 12, 2022Royal Event Management System 1.0 - 'todate' SQL Injection (Authenticated)
- [webapps] TLR-2005KSH - Arbitrary File Delete May 12, 2022TLR-2005KSH - Arbitrary File Delete
- [remote] F5 BIG-IP 16.0.x - Remote Code Execution (RCE) May 12, 2022F5 BIG-IP 16.0.x - Remote Code Execution (RCE)
- [local] Wondershare Dr.Fone 11.4.10 - Insecure File Permissions May 11, 2022Wondershare Dr.Fone 11.4.10 - Insecure File Permissions
- [remote] DLINK DIR850 - Open Redirect May 11, 2022DLINK DIR850 - Open Redirect
- [remote] Prime95 Version 30.7 build 9 - Remote Code Execution (RCE) May 11, 2022Prime95 Version 30.7 build 9 - Remote Code Execution (RCE)
- [webapps] OpenCart v3.x Newsletter Module - Blind SQLi May 23, 2022
Category Archives: IT
Menonaktifkan Open DNS Server BIND
Beberapa waktu lalu, tim abuse dari salah satu penyedia VPS (Virtual Private Server) yang saya gunakan meneruskan email komplain ke saya terkait dengan digunakannya server VPS saya sebagai reflektor serangan DDoS ke server di Eropa. Setelah saya cek, ternyata ada … Continue reading
Posted in IT, Security, Tips and Tricks
Leave a comment
[Update] WordPress 0day XSS Vulnerability
Buat teman-teman yang mempunyai website/blog menggunakan wordpress, diharapkan segera melakukan update ke wordpress terbaru 4.2.1 berhubung adanya vulnerability 0day XSS dimana penyerang bisa membuat komentar di post/page manapun dan menyisipkan script XSS yang bisa mendapatkan/eksekusi perintah di server. Referensi bisa … Continue reading
NAWALA Block Yahoo Email MX
Hari ini saya menerima laporan dari teman saya bahwa server emailnya tidak bisa mengirim email ke Yahoo (yang di coba yahoo.com, yang top level domain atau country level domain seperti yahoo.co.id, belum dicoba) sementara ke email server tujuan lain misalnya … Continue reading
Missing DNS kalpin.us di CloudFlare
Pagi ini mendapatkan alert dari google bahwa situs blog pribadi saya http://www.kalpin.us gagal diakses dengan rate diatas 85% dengan error code DNS Not Found. Setelah saya lakukan pengecekan melalui intodns.com, sepertinya ada 2 DNS cloudflare yang diassign ke domain saya … Continue reading
Ngeblog mobile
Mengingat jarang di depan pc untuk update blog, maka diputuskan menginstall wordpress for blackberry. Happy blogging.