www.1337.or.id

Search: defacer

"Black_X12" Hacker Takeover 30 Subdomain of Indonesian Government

Ganesha   05 December 2022   24.009 Views
A hacker who has the nickname Black X12 took over 30 subdomains belonging to the Indonesian Government which had the domain address kolakakab.go.id According to Zone H, a defacements archive website. Black X12 takeover the whole website on November 29th, 2022. Screenshot .. images po...

$1.000 IDOR

$1.000 IDOR

Airlangga   12 December 2022   26.286 Views
Insecure direct object references IDOR are a type of access control vulnerability that arises when an application uses user supplied input to access objects directly. The term IDOR was popularized by its appearance in the OWASP 2007 Top Ten. However, it is just one example of many access control i...

Reflected XSS on sgsg.samsung.com

Reflected XSS on sgsg.samsung.com

Ganesha   27 November 2022   22.712 Views
Like I did before, I use Google Dorks, to find some interesting URLs. Google Dork site sgsg.samsung.com I found a very interesting URL, The HTTP response shows every value from the campu...

[CVE-2022-3590] WP <= 6.1.1 - Unauthenticated Blind SSRF via DNS Rebinding

[CVE-2022-3590] WP <= 6.1.1 - Unauthenticated Blind SSRF via DNS Rebinding

Ganesha   19 December 2022   27.310 Views
WordPress is affected by an unauthenticated blind SSRF in the pingback feature. Because of a TOCTOU Time of check to time of use race condition between the validation checks and the HTTP request, attackers can reach internal hosts that are explicitly forbidden. Below is what a request to t...

Stored XSS on LaporBug.id

Stored XSS on LaporBug.id

Ganesha   29 November 2022   22.816 Views
LaporBug.id is a Bug Bounty Platform from Indonesia, for more info about LaporBug.id you can open laporbug.id. I spent a few minutes checking every URL, parameter, and form on LaporBug.id. On this page, we have a form to upload a profile image. ...

Stored XSS on Chess24.com

Stored XSS on Chess24.com

Ganesha   26 November 2022   20.946 Views
I signed up on Chess24 and a play couple of games. Then I was thinking about security on the Chess24 website. I enter the user profile page, then I put the payload below as my website address. Request Response a href targe...

qdPM 9.1 - Remote Code Execution (RCE) (Authenticated)

qdPM 9.1 - Remote Code Execution (RCE) (Authenticated)

Ganesha   21 November 2022   24.376 Views
A remote code execution RCE vulnerability exists in qdPM 9.1 and earlier. An attacker can upload a malicious PHP code file via the profile photo functionality, by leveraging a path traversal vulnerability in the users photo preview delete photo feature, allowing bypass of .htaccess protecti...

Stored DOM-based XSS on VPSServer.com

Stored DOM-based XSS on VPSServer.com

Airlangga   10 December 2022   26.644 Views
VPSServer.com is a company that sells Virtual Private Servers VPS . A virtual private server VPS is a virtual machine sold as a service by an Internet hosting service. The virtual dedicated server VDS also has a similar meaning. Now let me share how I found a Stored DOM based XSS Vulnerab...

Dynamic Content for Elementor < 1.9.6 - Authenticated RCE

Dynamic Content for Elementor < 1.9.6 - Authenticated RCE

Airlangga   10 February 2023   16.247 Views
The PHP Raw Widget dynamic.ooo widget php raw of the Dynamic Content for Elementor plugin before 1.9.6 did not properly check for user permissions, allowing accounts with a role as low as editor to perform RCE attacks. Proof of Concept POST wp admin admin ajax.php HTTP 1.1 Host exam...

1337.or.id Vulnerability Disclosure Program

1337.or.id Vulnerability Disclosure Program

Ganesha   30 November 2022   21.964 Views
No technology is perfect, and 1337.or.id believes that working with skilled security researchers across the globe is crucial in identifying weaknesses in any technology. If you believe you ve found a security issue in our product or service, we encourage you to notify us. We welcome working with you...

Elementor < 3.4.8 - DOM Cross-Site-Scripting

Elementor < 3.4.8 - DOM Cross-Site-Scripting

Ganesha   21 November 2022   24.048 Views
The plugin does not sanitise or escape user input appended to the DOM via a malicious hash, resulting in a DOM Cross Site Scripting issue. The issue was initially fixed in 3.1.4, however re introduced in 3.2.0. action lightbox settings eyJ0eXBlIjoibnV...

1 2 3