Researcher Profile


Me


andrysec's Statistics

Challenges Complete: 0

Write-ups: 2

Tutorials: 0


SQL Injections on [ Telkom Server Acess ]

Posted on 2019-03-24
Priority:   Critical

Bypassed DatabaseSQL Injections on [ Telkom Server Access ]

A few months ago I reported a SQL injection on one of the access telecommunications servers. The telkomakses.co.id server is vulnerable to sql injection, in this database there is a lot of important data, including KK / NIK / KTP / EMAIL / AKUN / home address / and many others, this bug can be misused by irresponsible parties, I have reported this bug from a few months ago, but the telkom did not answer my report.

10/Dec/2018 - I report this bugs. until now the bug is still open, and Telkom has not yet refined the bug.