Maloy Roy Orko: Difference between revisions

(2 intermediate revisions by the same user not shown)

Line 1:

[[File:Sophisticated Portrait in Blue.jpg|thumb|~~Maloy Roy Orko in 2025Birth Date: September 20,2007Birth Place: Dhaka, BangladeshNationality: Bangladeshi Occupation: Cyber Security Researcher~~ Known For: Founder of Web Security Insights]]

[[File:Sophisticated Portrait in Blue.jpg|thumb|Known For: Founder of Web Security Insights]]

'''Maloy Roy Orko (born September 20,2007) is a cyber security researcher specializing in Web Application Security Testing. He is best known as the founder of Web Security Insights, an Online Cyber Security related ~~platform~~.'''

'''Maloy Roy Orko (born September 20,2007) is a cyber security researcher specializing in Web Application Security Testing. He is best known as the founder of Web Security Insights, an Online Cyber Security related platforms.'''

== Early Life and Education ==

Maloy Roy Orko was born in ~~.haka~~, Bangladesh He completed his Higher Secondary Certificate (HSC) at ~~BDhnka~~ College ad is currently ~~ptaking~~ admission into university

Maloy Roy Orko was born in Dhaka, Bangladesh He completed his Higher Secondary Certificate (HSC) at Dhaka College and is currently taking admission into university.In future,he wants to become a doctor maintaining his cyber security career as well.In future,he wants to become a doctor maintaining his cyber security career as well.

== Career ==

Line 16:

Top of All,His research encompasses a broad spectrum of common web application and system vulnerabilities, including SQL Injection (SQLi), Cross-Site Scripting (XSS), Insecure Direct Object Reference (IDOR), Remote Code Execution (RCE), Cross-Site Request Forgery (CSRF), Improper restriction of excessive authentication attempts, Unrestricted file uploads, and Improper access controls.

Beyond vulnerability disclosures,

'''Beyond vulnerability disclosures,'''

Maloy Roy Orko also contributes to cyber news related journalism, exemplified by his report on the "Breaking News: LockBit Ransomware Admin Panel Hacked, SQL Database Leaked".

'''Maloy Roy Orko also contributes to cyber news related journalism, exemplified by his report on the "Breaking News: LockBit Ransomware Admin Panel Hacked, SQL Database Leaked".'''

== Research Works ==

CVE-2025-4065:

'''CVE-2025-4065:'''

A critical vulnerability found in ScriptAndTools Online-Travling-System 1.0, involving improper access controls (Published April 29, 2025).

'''A critical vulnerability found in ScriptAndTools Online-Travling-System 1.0, involving improper access controls (Published April 29, 2025).'''

'''

CVE-2025-2036:'''

~~CVE~~-2025~~-2036:~~

'''Classified as critical, this SQL Injection vulnerability was identified in s-a-zhd Ecommerce-Website-using-PHP 1.0 (Published March 8, 2025)'''

~~Classified as critical, this SQL Injection vulnerability was identified in s~~-a-~~zhd Ecommerce-Website-using-PHP 1.0 (Published March 8, 2025)~~

'''

CVE-2025-3556:'''

'''A problematic vulnerability in ScriptAndTools eCommerce-website-in-PHP 3.0 concerning excessive authentication attempts (Published April 14, 2025).'''

~~CVE-2025-3556:~~

~~A problematic vulnerability in ScriptAndTools eCommerce-website-in-PHP 3.0 concerning excessive authentication attempts (Published April 14, 2025).~~

CVE-2025-3557:

'''CVE-2025-3557:'''

Another problematic vulnerability in ScriptAndTools eCommerce-website-in-PHP 3.0, related to Cross-Site Request Forgery (Published April 14, 2025).

'''Another problematic vulnerability in ScriptAndTools eCommerce-website-in-PHP 3.0, related to Cross-Site Request Forgery (Published April 14, 2025).'''

'''

CVE-2025-0842:'''

~~CVE~~-2025~~-0842:~~

'''SQL Injection Admin Login Bypass in Library-Card-System (Published January 19, 2025).'''

~~SQL Injection Admin Login Bypass in Library~~-~~Card~~-~~System (Published January 19, 2025).~~

'''

CVE-2025-0722:'''

'''Unrestricted File Upload in Image_Gallery (Published January 09, 2025).'''

CVE-2025-~~0722~~:

'''

CVE-2025-0721:'''

~~Unrestricted File Upload~~ in Image_Gallery (Published January 09, 2025).

'''Cross Site Scripting (Reflected XSS) in Image_Gallery (Published January 09, 2025).'''

== References ==

~~CVE~~-~~2025~~-~~0721~~:

* https://www.websecurityinsights.my.id/p/maloy-roy-orko.html

* https://www.linkedin.com/in/maloyroyorko

~~Cross Site Scripting (Reflected XSS) in Image_Gallery (Published January 09, 2025)~~.

* https://youtube.com/@maloyroyorko

* https://www.instagram.com/maloyroyarko/

~~== Gallery ==~~

~~[[File~~:~~FB IMG 17554902514597940~~.~~jpg|thumb|Maloy Roy Orko-Dhaka College]]~~

@@ Line 1: / Line 1: @@
-[[File:Sophisticated Portrait in Blue.jpg|thumb|Maloy Roy Orko in 2025Birth Date: September 20,2007Birth Place: Dhaka, BangladeshNationality: Bangladeshi Occupation: Cyber Security Researcher Known For: Founder of Web Security Insights]]
+[[File:Sophisticated Portrait in Blue.jpg|thumb|<u>Known For: Founder of Web Security Insights</u>]]
-'''Maloy Roy Orko (born September 20,2007) is a cyber security researcher specializing in Web Application Security Testing. He is best known as the founder of Web Security Insights, an Online Cyber Security related platform.'''
+'''Maloy Roy Orko (born September 20,2007) is a cyber security researcher specializing in Web Application Security Testing. He is best known as the founder of Web Security Insights, an Online Cyber Security related platforms.'''
 == Early Life and Education ==
-Maloy Roy Orko was born in .haka, Bangladesh He completed his Higher Secondary Certificate (HSC) at BDhnka College ad is currently ptaking admission into university
+Maloy Roy Orko was born in Dhaka, Bangladesh He completed his Higher Secondary Certificate (HSC) at Dhaka College and is currently taking admission into university.In future,he wants to become a doctor maintaining his cyber security career as well.In future,he wants to become a doctor maintaining his cyber security career as well.
 == Career ==
@@ Line 16: / Line 16: @@
 Top of All,His research encompasses a broad spectrum of common web application and system vulnerabilities, including SQL Injection (SQLi), Cross-Site Scripting (XSS), Insecure Direct Object Reference (IDOR), Remote Code Execution (RCE), Cross-Site Request Forgery (CSRF), Improper restriction of excessive authentication attempts, Unrestricted file uploads, and Improper access controls.
-Beyond vulnerability disclosures,
+'''Beyond vulnerability disclosures,'''
-Maloy Roy Orko also contributes to cyber news related journalism, exemplified by his report on the "Breaking News: LockBit Ransomware Admin Panel Hacked, SQL Database Leaked".
+'''Maloy Roy Orko also contributes to cyber news related journalism, exemplified by his report on the "Breaking News: LockBit Ransomware Admin Panel Hacked, SQL Database Leaked".'''
 == Research Works ==
-CVE-2025-4065:
+'''CVE-2025-4065:'''
-A critical vulnerability found in ScriptAndTools Online-Travling-System 1.0, involving improper access controls (Published April 29, 2025).
+'''A critical vulnerability found in ScriptAndTools Online-Travling-System 1.0, involving improper access controls (Published April 29, 2025).'''
+'''<br />
+CVE-2025-2036:'''
-CVE-2025-2036:
+'''Classified as critical, this SQL Injection vulnerability was identified in s-a-zhd Ecommerce-Website-using-PHP 1.0 (Published March 8, 2025)'''
-Classified as critical, this SQL Injection vulnerability was identified in s-a-zhd Ecommerce-Website-using-PHP 1.0 (Published March 8, 2025)
+'''<br />
+CVE-2025-3556:'''
+'''A problematic vulnerability in ScriptAndTools eCommerce-website-in-PHP 3.0 concerning excessive authentication attempts (Published April 14, 2025).'''
-CVE-2025-3556:
-A problematic vulnerability in ScriptAndTools eCommerce-website-in-PHP 3.0 concerning excessive authentication attempts (Published April 14, 2025).
-CVE-2025-3557:
+'''CVE-2025-3557:'''
-Another problematic vulnerability in ScriptAndTools eCommerce-website-in-PHP 3.0, related to Cross-Site Request Forgery (Published April 14, 2025).
+'''Another problematic vulnerability in ScriptAndTools eCommerce-website-in-PHP 3.0, related to Cross-Site Request Forgery (Published April 14, 2025).'''
+'''<br />
+CVE-2025-0842:'''
-CVE-2025-0842:
+'''SQL Injection Admin Login Bypass in Library-Card-System (Published January 19, 2025).'''
-SQL Injection Admin Login Bypass in Library-Card-System (Published January 19, 2025).
+'''<br />
+CVE-2025-0722:'''
+'''Unrestricted File Upload in Image_Gallery (Published January 09, 2025).'''
-CVE-2025-0722:
+'''<br />
+CVE-2025-0721:'''
-Unrestricted File Upload in Image_Gallery (Published January 09, 2025).
+'''Cross Site Scripting (Reflected XSS) in Image_Gallery (Published January 09, 2025).'''
+== References ==
-CVE-2025-0721:
+* https://www.websecurityinsights.my.id/p/maloy-roy-orko.html
+* https://www.linkedin.com/in/maloyroyorko
-Cross Site Scripting (Reflected XSS) in Image_Gallery (Published January 09, 2025).
+* https://youtube.com/@maloyroyorko
+* https://www.instagram.com/maloyroyarko/
-== Gallery ==
-[[File:FB IMG 17554902514597940.jpg|thumb|Maloy Roy Orko-Dhaka College]]