PT-2024-31933 · Unknown · Phpgurukul Dairy Farm Shop Management System

Anoncoder01

Published

2024-09-23

Updated

2025-03-31

CVE-2024-46241

CVSS v3.1

5.9

Medium

Vector

AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Name of the Vulnerable Software and Affected Versions PHPGurukul Dairy Farm Shop Management System version 1.1

Description The issue is a Cross-Site Scripting (XSS) vulnerability. This vulnerability is exploited through the pname parameter in the "add product.php" and "edit product.php" files.

Recommendations For PHPGurukul Dairy Farm Shop Management System version 1.1, consider disabling the pname parameter in "add product.php" and "edit product.php" until a patch is available. Restrict access to these files to minimize the risk of exploitation. Validate all inputs to prevent malicious scripts from being injected.

Exploit

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

CVE-2024-46241

Affected Products

Phpgurukul Dairy Farm Shop Management System

PT-2024-31933 · Unknown · Phpgurukul Dairy Farm Shop Management System

CVE-2024-46241

Weakness Enumeration

Related Identifiers

Affected Products

References · 10