Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Dairy_farm_shop_management_system
(Phpgurukul)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 9 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2024-01-10 | CVE-2024-0355 | A vulnerability, which was classified as critical, was found in PHPGurukul Dairy Farm Shop Management System up to 1.1. Affected is an unknown function of the file add-category.php. The manipulation of the argument category leads to sql injection. The exploit has been disclosed to the public and may be used. VDB-250122 is the identifier assigned to this vulnerability. | Dairy_farm_shop_management_system | 9.8 | ||
| 2020-01-07 | CVE-2020-5307 | PHPGurukul Dairy Farm Shop Management System 1.0 is vulnerable to SQL injection, as demonstrated by the username parameter in index.php, the category and CategoryCode parameters in add-category.php, the CompanyName parameter in add-company.php, and the ProductName and ProductPrice parameters in add-product.php. | Dairy_farm_shop_management_system | 9.8 | ||
| 2020-01-09 | CVE-2020-5308 | PHPGurukul Dairy Farm Shop Management System 1.0 is vulnerable to XSS, as demonstrated by the category and CategoryCode parameters in add-category.php, the CompanyName parameter in add-company.php, and the ProductName parameter in add-product.php. | Dairy_farm_shop_management_system | 6.1 | ||
| 2022-09-30 | CVE-2022-40944 | Dairy Farm Shop Management System 1.0 is vulnerable to SQL Injection via sales-report-ds.php file. | Dairy_farm_shop_management_system | 9.8 | ||
| 2022-09-30 | CVE-2022-40943 | Dairy Farm Shop Management System 1.0 is vulnerable to SQL Injection via bwdate-report-ds.php file. | Dairy_farm_shop_management_system | 9.8 | ||
| 2023-09-11 | CVE-2023-41593 | Multiple cross-site scripting (XSS) vulnerabilities in Dairy Farm Shop Management System Using PHP and MySQL v1.1 allow attackers to execute arbitrary web scripts and HTML via a crafted payload injected into the Category and Category Field parameters. | Dairy_farm_shop_management_system | 5.4 | ||
| 2022-02-11 | CVE-2020-36062 | Dairy Farm Shop Management System v1.0 was discovered to contain hardcoded credentials in the source code which allows attackers access to the control panel if compromised. | Dairy_farm_shop_management_system | 9.8 | ||
| 2022-05-11 | CVE-2022-29007 | Multiple SQL injection vulnerabilities via the username and password parameters in the Admin panel of Dairy Farm Shop Management System v1.0 allows attackers to bypass authentication. | Dairy_farm_shop_management_system | 9.8 | ||
| 2023-09-08 | CVE-2023-41594 | Dairy Farm Shop Management System Using PHP and MySQL v1.1 was discovered to contain multiple SQL injection vulnerabilities in the Login function via the Username and Password parameters. | Dairy_farm_shop_management_system | 7.5 |