COMNETS LAB UNSRI - Internet of Things dataset
COMNETS lab dataset is a collection of datasets from the Department of Computer Engineering. Faculty of Computer Science. Universitas Sriwijaya.
Portfolio
Hello and welcome to my cumulative Portfolio. I am making this portfolio not only to display the works that I have written in this my research field, but also to show how my writing has improved throughout the quarter.
Book appointment Online < 1.39 - Authenticated Stored Cross-Site Scripting (XSS)
Description The plugin does not sanitise or escape Service Prices before outputting it in the List, which could allow high privilege users to perform Cross-S...
WP Courses LMS < 2.0.44 - Authenticated Stored XSS via Video Embed Code
Description The plugin does not sanitise its Video Embed Code, allowing malicious code to be injected in it by high privilege users, even when the unfiltered...
WP Ticket < 5.10.4 - Admin+ Stored Cross-Site Scripting
Description The plugin does not sanitize or escape form fields before outputting it in the List, which could allow high privilege users to perform Cross-Site...
WordPress Advanced Ticket System < 1.0.64 - Authenticated Stored Cross-Site Scripting (XSS)
Description The plugin does not sanitize or escape form values before saving to the database or when outputting, which allows high privilege users to perform...
Spring Boot Log4j - CVE-2021-44228
Description The Log4Shell vulnerability (CVE-2021-44228) ultimately is a quite simple JNDI Injection flaw, but in a really really bad place. Log4J will perfo...
Hospitals Patient Records Management System 1.0 - Account TakeOver
Information about vulnerability - Exploit Title: Hospital's Patient Records Management System v1.0 - 'id' Insecure direct object references (IDOR) leads to A...
Hospitals Patient Records Management System 1.0 - ‘id’ SQL Injection (Authenticated)
Information about vulnerability - Exploit Title: Hospital's Patient Records Management System v1.0 - 'id' SQL Injection (Authenticated) - Date: 2021-12-30 - ...
Online Veterinary Appointment System 1.0 - ‘Multiple’ SQL Injection
Information about vulnerability - Exploit Title: Online Veterinary Appointment System 1.0 - 'Multiple' SQL Injection - Date: 05/01/20222 - Exploit Author: tw...
Online Railway Reservation System 1.0 - ‘id’ SQL Injection (Unauthenticated)
Information about vulnerability - Exploit Title: Online Railway Reservation System 1.0 - 'id' SQL Injection (Unauthenticated) - Date: 07/01/2022 - Exploit Au...