CVE-2025-51671

A SQL injection vulnerability was discovered in the PHPGurukul Dairy Farm Shop Management System 1.3. The vulnerability allows remote attackers to execute arbitrary SQL code via the category and categorycode parameters in a POST request to the manage-categories.php file.
Configurations

Configuration 1 (hide)

cpe:2.3:a:phpgurukul:dairy_farm_shop_management_system:1.3:*:*:*:*:*:*:*

History

01 Jul 2025, 15:53

Type Values Removed Values Added
CPE cpe:2.3:a:phpgurukul:dairy_farm_shop_management_system:1.3:*:*:*:*:*:*:*
Summary
  • (es) Se descubrió una vulnerabilidad de inyección SQL en PHPGurukul Dairy Farm Shop Management System 1.3. Esta vulnerabilidad permite a atacantes remotos ejecutar código SQL arbitrario mediante los parámetros category y categorycode en una solicitud POST al archivo manage-categories.php.
First Time Phpgurukul
Phpgurukul dairy Farm Shop Management System
References () https://github.com/rtnthakur/CVE/blob/main/PHPGurukul/Dairy-Farm-Shop-Management-System/SQL/SQL_injection_edit-category.md - () https://github.com/rtnthakur/CVE/blob/main/PHPGurukul/Dairy-Farm-Shop-Management-System/SQL/SQL_injection_edit-category.md - Exploit, Third Party Advisory

26 Jun 2025, 20:15

Type Values Removed Values Added
CWE CWE-89
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 5.4

26 Jun 2025, 16:15

Type Values Removed Values Added
New CVE

Information

Published : 2025-06-26 16:15

Updated : 2025-07-01 15:53


NVD link : CVE-2025-51671

Mitre link : CVE-2025-51671

CVE.ORG link : CVE-2025-51671


JSON object : View

Products Affected

phpgurukul

  • dairy_farm_shop_management_system
CWE
CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')