Detik News- Exploit DB
- [webapps] ATX MiniCMTS200a Broadband Gateway 2.0 - Credential Disclosure November 30, 2020ATX MiniCMTS200a Broadband Gateway 2.0 - Credential Disclosure
- [webapps] Rejetto HttpFileServer 2.3.x - Remote Command Execution (3) November 30, 2020Rejetto HttpFileServer 2.3.x - Remote Command Execution (3)
- [webapps] WonderCMS 3.1.3 - 'uploadFile' Stored Cross-Site Scripting November 27, 2020WonderCMS 3.1.3 - 'uploadFile' Stored Cross-Site Scripting
- [webapps] Ruckus IoT Controller (Ruckus vRIoT) 1.5.1.0.21 - Remote Code Execution November 27, 2020Ruckus IoT Controller (Ruckus vRIoT) 1.5.1.0.21 - Remote Code Execution
- [webapps] Laravel Administrator 4 - Unrestricted File Upload (Authenticated) November 27, 2020Laravel Administrator 4 - Unrestricted File Upload (Authenticated)
- [webapps] Acronis Cyber Backup 12.5 Build 16341 - Unauthenticated SSRF November 27, 2020Acronis Cyber Backup 12.5 Build 16341 - Unauthenticated SSRF
- [webapps] Moodle 3.8 - Unrestricted File Upload November 27, 2020Moodle 3.8 - Unrestricted File Upload
- [webapps] Wordpress Theme Accesspress Social Icons 1.7.9 - SQL injection (Authenticated) November 27, 2020Wordpress Theme Accesspress Social Icons 1.7.9 - SQL injection (Authenticated)
- [local] Foxit Reader 9.0.1.1049 - Arbitrary Code Execution November 27, 2020Foxit Reader 9.0.1.1049 - Arbitrary Code Execution
- [webapps] House Rental 1.0 - 'keywords' SQL Injection November 27, 2020House Rental 1.0 - 'keywords' SQL Injection
- [dos] libupnp 1.6.18 - Stack-based buffer overflow (DoS) November 27, 2020libupnp 1.6.18 - Stack-based buffer overflow (DoS)
- [webapps] ElkarBackup 1.3.3 - 'Policy[name]' and 'Policy[Description]' Stored Cross-site Scripting November 27, 2020ElkarBackup 1.3.3 - 'Policy[name]' and 'Policy[Description]' Stored Cross-site Scripting
- [webapps] Best Support System 3.0.4 - 'ticket_body' Persistent XSS (Authenticated) November 27, 2020Best Support System 3.0.4 - 'ticket_body' Persistent XSS (Authenticated)
- [webapps] Wordpress Theme Wibar 1.1.8 - 'Brand Component' Stored Cross Site Scripting November 27, 2020Wordpress Theme Wibar 1.1.8 - 'Brand Component' Stored Cross Site Scripting
- [local] SAP Lumira 1.31 - Stored Cross-Site Scripting November 27, 2020SAP Lumira 1.31 - Stored Cross-Site Scripting
- [webapps] ATX MiniCMTS200a Broadband Gateway 2.0 - Credential Disclosure November 30, 2020
Category Archives: IT
Menonaktifkan Open DNS Server BIND
Beberapa waktu lalu, tim abuse dari salah satu penyedia VPS (Virtual Private Server) yang saya gunakan meneruskan email komplain ke saya terkait dengan digunakannya server VPS saya sebagai reflektor serangan DDoS ke server di Eropa. Setelah saya cek, ternyata ada … Continue reading
Posted in IT, Security, Tips and Tricks
Leave a comment
[Update] WordPress 0day XSS Vulnerability
Buat teman-teman yang mempunyai website/blog menggunakan wordpress, diharapkan segera melakukan update ke wordpress terbaru 4.2.1 berhubung adanya vulnerability 0day XSS dimana penyerang bisa membuat komentar di post/page manapun dan menyisipkan script XSS yang bisa mendapatkan/eksekusi perintah di server. Referensi bisa … Continue reading
NAWALA Block Yahoo Email MX
Hari ini saya menerima laporan dari teman saya bahwa server emailnya tidak bisa mengirim email ke Yahoo (yang di coba yahoo.com, yang top level domain atau country level domain seperti yahoo.co.id, belum dicoba) sementara ke email server tujuan lain misalnya … Continue reading
Missing DNS kalpin.us di CloudFlare
Pagi ini mendapatkan alert dari google bahwa situs blog pribadi saya http://www.kalpin.us gagal diakses dengan rate diatas 85% dengan error code DNS Not Found. Setelah saya lakukan pengecekan melalui intodns.com, sepertinya ada 2 DNS cloudflare yang diassign ke domain saya … Continue reading
Ngeblog mobile
Mengingat jarang di depan pc untuk update blog, maka diputuskan menginstall wordpress for blackberry. Happy blogging.