45 matches found
CVE-2026-15491
The CVE-2026-15491 entry concerns RafyMrX TOKO-ONLINE-ROTI (up to commit ddfe1cd587be0a0b5135d8b6e85cce2ec3aece99). The weakness is missing authentication in an unspecified part of the system. It can be exploited remotely over a network, with a low attack complexity and no required privileges. Th...
EUVD-2026-43213
A weakness has been identified in RafyMrX TOKO-ONLINE-ROTI up to ddfe1cd587be0a0b5135d8b6e85cce2ec3aece99. This affects an unknown part. This manipulation causes missing authentication. The attack is possible to be carried out remotely. This product adopts a rolling release strategy to maintain...
CVE-2026-15490
CVE-2026-15490 concerns RafyMrX TOKO-ONLINE-ROTI: SQL injection in the unknown functionality of the file pros es/add.php, via manipulation of the arguments kode_produk/kd_cs. The issue is exploitable remotely with no authentication (attack vector: NETWORK; complexity: LOW). Evidence indicates imp...
EUVD-2026-43212
A security flaw has been discovered in RafyMrX TOKO-ONLINE-ROTI up to ddfe1cd587be0a0b5135d8b6e85cce2ec3aece99. Affected by this issue is some unknown functionality of the file proses/add.php. The manipulation of the argument kodeproduk/kdcs results in sql injection. The attack can be executed...
CVE-2026-15489
The CVE-2026-15489 entry describes a SQL injection in RafyMrX TOKO-ONLINE-ROTI (up to commit ddfe1cd587be0a0b5135d8b6e85cce2ec3aece99) via an input in the file proses/login.php where the Username argument is manipulated. The vulnerability is exploitable remotely, with a publicly available exploit...
CVE-2026-38940
Cross Site Scripting vulnerability in RafyMrX TOKO-ONLINE-ROTI v.1.0 allows a remote attacker to execute arbitrary code via the detailproduk.php component...
CVE-2026-38940
Cross Site Scripting vulnerability in RafyMrX TOKO-ONLINE-ROTI v.1.0 allows a remote attacker to execute arbitrary code via the detailproduk.php component...
CVE-2026-38940
CVE-2026-38940 describes a Cross Site Scripting vulnerability in RafyMrX TOKO-ONLINE-ROTI v.1.0 that can be triggered via the detail_produk.php component. The vulnerability is publicly documented across multiple feeds (NVD, CVE list, EUVD, etc.). A remote attacker could potentially execute arbitr...
CVE-2026-38940
Cross Site Scripting vulnerability in RafyMrX TOKO-ONLINE-ROTI v.1.0 allows a remote attacker to execute arbitrary code via the detailproduk.php component...
CVE-2026-38940
Cross Site Scripting vulnerability in RafyMrX TOKO-ONLINE-ROTI v.1.0 allows a remote attacker to execute arbitrary code via the detailproduk.php component...
PT-2026-36122
Cross Site Scripting vulnerability in RafyMrX TOKO-ONLINE-ROTI v.1.0 allows a remote attacker to execute arbitrary code via the detail produk.php component...
Toko Online Roti 跨站脚本漏洞
Toko Online Roti is an online bakery management platform developed by Ahmad Rafi Akbar Putra Hamzah. It supports manufacturing processes and backend management. Version 1.0 of Toko Online Roti has a cross-site scripting vulnerability. This vulnerability stems from the detailproduk.php component,...
EUVD-2026-26388
Cross Site Scripting vulnerability in RafyMrX TOKO-ONLINE-ROTI v.1.0 allows a remote attacker to execute arbitrary code via the detailproduk.php component...
CVE-2026-38940
Cross Site Scripting vulnerability in RafyMrX TOKO-ONLINE-ROTI v.1.0 allows a remote attacker to execute arbitrary code via the detailproduk.php component...
EUVD-2007-5974
Malware in sbrugna...
toko-tebe.ru XSS vulnerability
Open Bug Bounty ID: OBB-337786 Description| Value ---|--- Affected Website:| toko-tebe.ru Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
Toko Instan 7.6 - Multiple Remote SQL Injection Vulnerabilities
No description provided by source. Indonesian Newhack Security Advisory ------------------------------------ Toko Instan V7.6 - Multiple Remote SQL Injection Vulnerabilities Waktu : Nov 14 2007 08:30AM Software : Toko Instan V7.6 Vendor : http://www.tokohandal.com/ Demo Site :...
Toko Lite CMS 1.5.2 (edit.php) HTTP Response Splitting Vulnerability
No description provided by source. Toko Lite CMS 1.5.2 edit.php HTTP Response Splitting Vulnerability Vendor: Toko Product web page: http://toko-contenteditor.pageil.net Affected version: 1.5.2 Summary: Toko Web Content Editor cms is a compact, multi language, open source web editor and content...
Toko Flamboyan Local File Inclusion
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 x Official Website: http://www.1337day.com 0 1 x...
Toko Flamboyan - Local File Inclusion
Exploit for php platform in category web applications Exploit Title: Toko Flamboyan - Local File Inclusion Author: Dark-Puzzle Category : Webapps Vendor Homepage: http://www.flamboyan.co.id/ Google Dork: inurl:"fla.php?fla=" Date: 23 June 2012 Vendor : Toko Flamboyan Version: All Versions Tested...