CVE Details
Basic Information
| Title | PHPGurukul Dairy Farm Shop Management System invoices.php sql injection |
|---|---|
| Type | cve |
| Published | 2025-07-14T09:32:06.987Z |
| Modified | 2025-07-14T09:32:06.987Z |
Product Information
| Vendor | PHPGurukul |
|---|---|
| Product | Dairy Farm Shop Management System |
| Version | 1.3 |
CVSS Information
| Base Score | 5.3 (MEDIUM) |
|---|---|
| Attack Vector | CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P |
AI Analysis
| AI Description | A SQL injection vulnerability exists in the invoices.php file of PHPGurukul’s Dairy Farm Shop Management System 1.3. This allows remote attackers to inject SQL commands via the ‘del’ parameter, potentially leading to data manipulation or extraction. |
|---|---|
| AI Severity | Medium |
| AI Vendor | PHPGurukul |
| AI Product | Dairy Farm Shop Management System |
| AI Version | 1.3 |
Affected Products
- PHPGurukul Dairy Farm Shop Management System 1.3
Additional Information
| CWE List | CWE-89, CWE-74 |
|---|---|
| Source | VulDB |
Description
A vulnerability has been found in PHPGurukul Dairy Farm Shop Management System 1.3 and classified as critical. Affected by this vulnerability is an unknown functionality of the file invoices.php. The manipulation of the argument del leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.