[Bahasa] Pengalaman Ujian Sertifikasi CEH Practical

Pendahuluan Ini adalah cerita pengalaman saya mengikuti ujian CEH Practical yang ingin saya bagikan kepada orang - orang yang sedang atau ingin mengambil sertifikasi CEH Practical. Kesempatan yang...

Jan 22, 2022 Certification

Online Railway Reservation System 1.0 - 'id' SQL Injection (Unauthenticated)

Introduction As part of my routine web-application security research, I reviewed the Online Railway Reservation System (ORRS) v1.0 from SourceCodester. My objective was straightforward: understand ...

Jan 8, 2022 Infosec, CVE, Research

Online Veterinary Appointment System v1.0 — Multiple SQL Injection via id in Appointment Details)

Introduction I examined OVAS v1.0 to evaluate how its admin dashboard handled user-controlled identifiers that flow into database queries. Appointment management looked like a likely entry point: i...

Jan 5, 2022 Infosec, CVE, Research

Hospital's Patient Records Management System v1.0 - 'id' SQL Injection (Authenticated)

Introduction During a focused review of HPRMS v1.0, I set out to evaluate the integrity of its record-view workflow inside the admin area—specifically how user-controlled identifiers are validated ...

Dec 30, 2021 Infosec, CVE, Research

Hospitals Patient Records Management System v1.0 — IDOR (Account Takeover)

Introduction I reviewed HPRMS v1.0 to assess how its admin area handles identity and authorization in routine CRUD flows. Applications with profile-edit features often expose object identifiers dir...

Dec 20, 2021 Infosec, CVE, Research

1
2
3
4
2 / 4