Dairy Farm Shop Management System

A vulnerability, which was classified as critical, has been found in PHPGurukul Dairy Farm Shop Management System 1.3. Affected by this issue is some unknown functionality of the file /invoice.php. The manipulation of the argument del leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

A vulnerability has been found in PHPGurukul Dairy Farm Shop Management System 1.3 and classified as critical. Affected by this vulnerability is an unknown functionality of the file invoices.php. The manipulation of the argument del leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

A vulnerability, which was classified as critical, was found in PHPGurukul Dairy Farm Shop Management System 1.3. Affected is an unknown function of the file view-invoice.php. The manipulation of the argument invid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

A vulnerability, which was classified as critical, has been found in PHPGurukul Dairy Farm Shop Management System 1.3. This issue affects some unknown processing of the file edit-category.php. The manipulation of the argument categorycode leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

A vulnerability classified as critical was found in PHPGurukul Dairy Farm Shop Management System 1.3. This vulnerability affects unknown code of the file edit-company.php. The manipulation of the argument companyname leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

A vulnerability classified as critical has been found in PHPGurukul Dairy Farm Shop Management System 1.3. This affects an unknown part of the file edit-product.php. The manipulation of the argument productname leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

A SQL injection vulnerability was discovered in the PHPGurukul Dairy Farm Shop Management System 1.3. The vulnerability allows remote attackers to execute arbitrary SQL code via the category and categorycode parameters in a POST request to the manage-categories.php file.

A time-based blind SQL injection vulnerability was identified in the PHPGurukul Dairy Farm Shop Management System 1.3. The vulnerability exists in the manage-companies.php file and allows remote attackers to execute arbitrary SQL code via the companyname parameter in a POST request.

A critical SQL injection vulnerability exists in PHPGurukul Dairy Farm Shop Management System version 1.3 within the /search-product.php endpoint, specifically in the 'productname' parameter. An unauthenticated remote attacker can exploit this vulnerability to execute arbitrary SQL queries, potentially leading to unauthorized data access, modification, or deletion of the database. The vulnerability has been publicly disclosed with proof-of-concept code available, making active exploitation a significant risk.

PHPGurukul Dairy Farm Shop Management System version 1.3 contains a critical SQL injection vulnerability in the /sales-report-details.php file affecting the fromdate and todate parameters. An unauthenticated remote attacker can exploit this vulnerability to execute arbitrary SQL queries, leading to unauthorized data access, modification, or deletion. The vulnerability has been publicly disclosed with working proof-of-concept code available, making active exploitation likely in the wild.

SQL injection vulnerability in PHPGurukul Dairy Farm Shop Management System version 1.3, specifically in the /profile.php file's mobilenumber parameter. An unauthenticated remote attacker can exploit this to execute arbitrary SQL queries, potentially leading to unauthorized data access, modification, or deletion. The vulnerability has public exploit code available and carries a CVSS score of 7.3 (high severity), though the actual exploitability depends on database configuration and input filtering implementation.

Critical SQL injection vulnerability in PHPGurukul Dairy Farm Shop Management System version 1.3, specifically in the /bwdate-report-details.php file where the fromdate and todate parameters are inadequately sanitized. An unauthenticated remote attacker can exploit this vulnerability to execute arbitrary SQL queries, potentially leading to unauthorized data access, modification, or deletion. The exploit has been publicly disclosed with proof-of-concept availability, indicating active exploitation risk.

PHPGurukul Dairy Farm Shop Management System version 1.3 contains a critical SQL injection vulnerability in the /add-product.php file's productname parameter that allows unauthenticated remote attackers to execute arbitrary SQL queries. The vulnerability has been publicly disclosed with proof-of-concept code available, creating immediate risk for all exposed installations. With a CVSS score of 7.3 (High) and evidence of public disclosure, this vulnerability should be prioritized for remediation despite the moderate CVSS rating.

Critical SQL injection vulnerability in PHPGurukul Dairy Farm Shop Management System version 1.3, specifically in the /add-company.php file where the 'companyname' parameter is improperly sanitized. An unauthenticated remote attacker can exploit this to execute arbitrary SQL queries, potentially leading to data theft, modification, or deletion. The exploit has been publicly disclosed and proof-of-concept code is available, significantly increasing real-world exploitation risk.

A vulnerability, which was classified as critical, was found in PHPGurukul Dairy Farm Shop Management System up to 1.1. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.