<![CDATA[In all-digital era now, every population data is stored and processed through the website. With this website, the flow of information and communication between residents and government can be done easily. However, behind these advantages, there are also several weaknesses, namely security holes that can be accessed by irresponsible people, as well as data leakage cases that often occur. Seeing these problems, the author tested security gaps using the penetration testing method on the Information Technology-Based Population Administration System Service (SAKTI) on website. The results obtained from this research, the SAKTI website managed by the Kediri City disdukcapil found the impact of an open response code gap with the possibility of sensitive data exposure and found upload pages for RCE (Remote Code Excecution) exploitation and malware inject. For the CVSS assessment, the Base Score gets 8.1 points at the High level. While the recommendation is in the form of improving unrestricted file upload and sensitive data exposure or information disclosure by restricting public access.]]>
Copyrights © 2024
