CVE-2025-9845

Name of the Vulnerable Software and Affected Versions Fruit Shop Management System version 1.0

Description A cross-site scripting issue exists in the Fruit Shop Management System. The vulnerability is located in the products.php file and involves manipulation of the product code, gen name, product name, or supplier parameters. This allows for remote attacks. The exploit has been publicly disclosed.

Recommendations As a temporary workaround, consider restricting access to the products.php file to minimize the risk of exploitation. Avoid using the product code, gen name, product name, and supplier parameters in the affected file until the issue is resolved.