Cross-Site Scripting Vulnerability in Dairy Farm Shop Management System by PHPGurukul

CVE-2020-5308

What is CVE-2020-5308?

The Dairy Farm Shop Management System version 1.0 from PHPGurukul is susceptible to Cross-Site Scripting (XSS) attacks. This vulnerability arises from improper handling of user-supplied input in various parameters such as 'category', 'CategoryCode' in add-category.php, 'CompanyName' in add-company.php, and 'ProductName' in add-product.php. Attackers can exploit this flaw to inject malicious scripts, potentially compromising the integrity of user interactions and exposing sensitive data.

References