SQL Injection Vulnerability in Dairy Farm Shop Management System by PHP Gurukul
CVE-2022-40943

9.8CRITICAL

Key Information:

Vendor: PHPgurukul
Status: Dairy Farm Shop Management System
Vendor: CVE Published:; 30 September 2022

Summary

The Dairy Farm Shop Management System version 1.0 is susceptible to SQL Injection through the bwdate-report-ds.php file. This vulnerability allows an attacker to manipulate SQL queries, potentially gaining unauthorized access to sensitive data stored in the database. Exploiting this weakness could lead to significant data breaches or data corruption, compromising the integrity and confidentiality of the application.

References

https://phpgurukul.com/dairy-farm-shop-management-system-...

x_refsource_MISC

https://github.com/Qrayyy/CVE/blob/main/Dairy%20Farm%20Sh...

x_refsource_MISC

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Sep 30, 2022
Vulnerability Reserved
Sep 19, 2022