← Zuruck zu CVEs

CVE-2020-5307

CRITICAL

9.8

Beschreibung

PHPGurukul Dairy Farm Shop Management System 1.0 is vulnerable to SQL injection, as demonstrated by the username parameter in index.php, the category and CategoryCode parameters in add-category.php, the CompanyName parameter in add-company.php, and the ProductName and ProductPrice parameters in add-product.php.

CVE Details

CVSS v3.1 Bewertung9.8

SchweregradCRITICAL

CVSS VektorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AngriffsvektorNETWORK

KomplexitatLOW

Erforderliche PrivilegienNONE

BenutzerinteraktionNONE

Veroffentlicht1/7/2020

Zuletzt geandert11/21/2024

Quellenvd

Honeypot-Sichtungen0

Betroffene Produkte

phpgurukul:dairy_farm_shop_management_system

Schwachen (CWE)

CWE-89

Referenzen

https://cinzinga.github.io/CVE-2020-5307-5308/(cve@mitre.org)

https://www.exploit-db.com/exploits/47846(cve@mitre.org)

https://cinzinga.github.io/CVE-2020-5307-5308/(af854a3a-2127-422b-91ae-364da2661108)

https://www.exploit-db.com/exploits/47846(af854a3a-2127-422b-91ae-364da2661108)

IOC Korrelationen

Keine Korrelationen erfasst

This product uses data from the NVD API but is not endorsed or certified by the NVD.