| 제목 | RafyMrX TOKO-ONLINE-ROTI latest (2026-05, no formal release) SQL Injection |
|---|
| 설명 | Description:
TOKO-ONLINE-ROTI bakery e-commerce platform contains multiple
unauthenticated SQL injection vulnerabilities (CWE-89).
Vulnerability 1 - Login bypass (proses/login.php):
$username = $_POST['username'];
$cek = mysqli_query($conn, "SELECT * FROM customer WHERE username = '$username'");
Vulnerability 2 - Shopping cart injection (proses/add.php):
$_GET['kode_produk'], $_GET['kd_cs'] directly concatenated into
SELECT/INSERT/UPDATE queries without escaping.
Vulnerability 3 - Order processing injection (proses/order.php):
$kd_cs = $_POST['kode_cs'];
$keranjang = mysqli_query($conn, "SELECT * FROM keranjang WHERE kode_customer = '$kd_cs'");
$order = mysqli_query($conn, "INSERT INTO produksi VALUES('','$format','$kd_cs'...)" );
All injection points use raw mysqli_query() with direct variable
concatenation. No mysqli_real_escape_string or prepared statements.
Exploitation:
Login bypass: username=admin' OR '1'='1'-- &pass=x
Cart: proses/add.php?kode_produk=1' UNION SELECT...
Order: POST kode_cs=1' OR '1'='1'
Countermeasure:
Use prepared statements. Validate input before SQL execution. |
|---|
| 원천 | ⚠️ https://github.com/RafyMrX/TOKO-ONLINE-ROTI |
|---|
| 사용자 | Dest1ny_1 (UID 98653) |
|---|
| 제출 | 2026. 05. 31. AM 10:44 (1 월 ago) |
|---|
| 모더레이션 | 2026. 07. 11. PM 01:58 (1 month later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 377797 [RafyMrX TOKO-ONLINE-ROTI 까지 ddfe1cd587be0a0b5135d8b6e85cce2ec3aece99 proses/add.php kode_produk/kd_cs SQL 주입] |
|---|
| 포인트들 | 20 |
|---|