CVE-2024-10757

Name of the Vulnerable Software and Affected Versions PHPGurukul Online Shopping Portal version 2.0

Description A problematic issue has been found in the PHPGurukul Online Shopping Portal, affecting some unknown functionality of the file /admin/assets/plugins/DataTables/media/unit testing/templates/js data.php. The manipulation of the scripts argument leads to cross-site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Recommendations For PHPGurukul Online Shopping Portal version 2.0, consider disabling access to the /admin/assets/plugins/DataTables/media/unit testing/templates/js data.php file until a patch is available. Restrict the manipulation of the scripts argument to minimize the risk of cross-site scripting exploitation.