A SQL injection vulnerability was discovered in the PHPGurukul Dairy Farm Shop Management System 1.3. The vulnerability allows remote attackers to execute arbitrary SQL code via the category and categorycode parameters in a POST request to the manage-categories.php file.
References
Link | Resource |
---|---|
https://github.com/rtnthakur/CVE/blob/main/PHPGurukul/Dairy-Farm-Shop-Management-System/SQL/SQL_injection_edit-category.md | Exploit Third Party Advisory |
Configurations
History
01 Jul 2025, 15:53
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:phpgurukul:dairy_farm_shop_management_system:1.3:*:*:*:*:*:*:* | |
Summary |
|
|
First Time |
Phpgurukul
Phpgurukul dairy Farm Shop Management System |
|
References | () https://github.com/rtnthakur/CVE/blob/main/PHPGurukul/Dairy-Farm-Shop-Management-System/SQL/SQL_injection_edit-category.md - Exploit, Third Party Advisory |
26 Jun 2025, 20:15
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-89 | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.4 |
26 Jun 2025, 16:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2025-06-26 16:15
Updated : 2025-07-01 15:53
NVD link : CVE-2025-51671
Mitre link : CVE-2025-51671
CVE.ORG link : CVE-2025-51671
JSON object : View
Products Affected
phpgurukul
- dairy_farm_shop_management_system
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')