Lucene search
K

45 matches found

CVE
CVE
added 12 hours ago11 views

CVE-2026-15491

The CVE-2026-15491 entry concerns RafyMrX TOKO-ONLINE-ROTI (up to commit ddfe1cd587be0a0b5135d8b6e85cce2ec3aece99). The weakness is missing authentication in an unspecified part of the system. It can be exploited remotely over a network, with a low attack complexity and no required privileges. Th...

7.5CVSS6.7AI score
Exploits0References4
EUVD
EUVD
added 12 hours ago7 views

EUVD-2026-43213

A weakness has been identified in RafyMrX TOKO-ONLINE-ROTI up to ddfe1cd587be0a0b5135d8b6e85cce2ec3aece99. This affects an unknown part. This manipulation causes missing authentication. The attack is possible to be carried out remotely. This product adopts a rolling release strategy to maintain...

7.5CVSS6.7AI score
Exploits0References4
CVE
CVE
added 13 hours ago7 views

CVE-2026-15490

CVE-2026-15490 concerns RafyMrX TOKO-ONLINE-ROTI: SQL injection in the unknown functionality of the file pros es/add.php, via manipulation of the arguments kode_produk/kd_cs. The issue is exploitable remotely with no authentication (attack vector: NETWORK; complexity: LOW). Evidence indicates imp...

7.5CVSS6.7AI score
Exploits0References4
EUVD
EUVD
added 13 hours ago6 views

EUVD-2026-43212

A security flaw has been discovered in RafyMrX TOKO-ONLINE-ROTI up to ddfe1cd587be0a0b5135d8b6e85cce2ec3aece99. Affected by this issue is some unknown functionality of the file proses/add.php. The manipulation of the argument kodeproduk/kdcs results in sql injection. The attack can be executed...

7.5CVSS6.7AI score
Exploits0References4
CVE
CVE
added 13 hours ago11 views

CVE-2026-15489

The CVE-2026-15489 entry describes a SQL injection in RafyMrX TOKO-ONLINE-ROTI (up to commit ddfe1cd587be0a0b5135d8b6e85cce2ec3aece99) via an input in the file proses/login.php where the Username argument is manipulated. The vulnerability is exploitable remotely, with a publicly available exploit...

7.5CVSS6.8AI score
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/05 7:49 p.m.10 views

CVE-2026-38940

Cross Site Scripting vulnerability in RafyMrX TOKO-ONLINE-ROTI v.1.0 allows a remote attacker to execute arbitrary code via the detailproduk.php component...

6.1CVSS6.1AI score0.00214EPSS
Exploits0References1
NVD
NVD
added 2026/04/30 4:16 p.m.9 views

CVE-2026-38940

Cross Site Scripting vulnerability in RafyMrX TOKO-ONLINE-ROTI v.1.0 allows a remote attacker to execute arbitrary code via the detailproduk.php component...

6.1CVSS0.00214EPSS
Exploits0References1
CVE
CVE
added 2026/04/30 12:0 a.m.14 views

CVE-2026-38940

CVE-2026-38940 describes a Cross Site Scripting vulnerability in RafyMrX TOKO-ONLINE-ROTI v.1.0 that can be triggered via the detail_produk.php component. The vulnerability is publicly documented across multiple feeds (NVD, CVE list, EUVD, etc.). A remote attacker could potentially execute arbitr...

6.1CVSS5.8AI score0.00214EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/30 12:0 a.m.8 views

CVE-2026-38940

Cross Site Scripting vulnerability in RafyMrX TOKO-ONLINE-ROTI v.1.0 allows a remote attacker to execute arbitrary code via the detailproduk.php component...

6.1CVSS5.8AI score0.00214EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/04/30 12:0 a.m.6 views

CVE-2026-38940

Cross Site Scripting vulnerability in RafyMrX TOKO-ONLINE-ROTI v.1.0 allows a remote attacker to execute arbitrary code via the detailproduk.php component...

5.8AI score0.00214EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/30 12:0 a.m.8 views

PT-2026-36122

Cross Site Scripting vulnerability in RafyMrX TOKO-ONLINE-ROTI v.1.0 allows a remote attacker to execute arbitrary code via the detail produk.php component...

6.1CVSS5.8AI score0.00214EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/04/30 12:0 a.m.9 views

Toko Online Roti 跨站脚本漏洞

Toko Online Roti is an online bakery management platform developed by Ahmad Rafi Akbar Putra Hamzah. It supports manufacturing processes and backend management. Version 1.0 of Toko Online Roti has a cross-site scripting vulnerability. This vulnerability stems from the detailproduk.php component,...

6.1CVSS5.9AI score0.00214EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/30 12:0 a.m.7 views

EUVD-2026-26388

Cross Site Scripting vulnerability in RafyMrX TOKO-ONLINE-ROTI v.1.0 allows a remote attacker to execute arbitrary code via the detailproduk.php component...

6.1CVSS5.8AI score0.00214EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/30 12:0 a.m.31 views

CVE-2026-38940

Cross Site Scripting vulnerability in RafyMrX TOKO-ONLINE-ROTI v.1.0 allows a remote attacker to execute arbitrary code via the detailproduk.php component...

0.00214EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2007-5974

Malware in sbrugna...

7.5CVSS6.4AI score0.01006EPSS
Exploits0References5
Openbugbounty
Openbugbounty
added 2017/10/13 8:39 p.m.8 views

toko-tebe.ru XSS vulnerability

Open Bug Bounty ID: OBB-337786 Description| Value ---|--- Affected Website:| toko-tebe.ru Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

6.3AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.36 views

Toko Instan 7.6 - Multiple Remote SQL Injection Vulnerabilities

No description provided by source. Indonesian Newhack Security Advisory ------------------------------------ Toko Instan V7.6 - Multiple Remote SQL Injection Vulnerabilities Waktu : Nov 14 2007 08:30AM Software : Toko Instan V7.6 Vendor : http://www.tokohandal.com/ Demo Site :...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.15 views

Toko Lite CMS 1.5.2 (edit.php) HTTP Response Splitting Vulnerability

No description provided by source. Toko Lite CMS 1.5.2 edit.php HTTP Response Splitting Vulnerability Vendor: Toko Product web page: http://toko-contenteditor.pageil.net Affected version: 1.5.2 Summary: Toko Web Content Editor cms is a compact, multi language, open source web editor and content...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2012/06/27 12:0 a.m.22 views

Toko Flamboyan Local File Inclusion

1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 x Official Website: http://www.1337day.com 0 1 x...

Exploits0
0day.today
0day.today
added 2012/06/24 12:0 a.m.15 views

Toko Flamboyan - Local File Inclusion

Exploit for php platform in category web applications Exploit Title: Toko Flamboyan - Local File Inclusion Author: Dark-Puzzle Category : Webapps Vendor Homepage: http://www.flamboyan.co.id/ Google Dork: inurl:"fla.php?fla=" Date: 23 June 2012 Vendor : Toko Flamboyan Version: All Versions Tested...

7.1AI score
Exploits0
Rows per page
Query Builder