CVE-2024-46241

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-46241
PHPGurukul Dairy Farm Shop Management System v1.1 is vulnerable to Cross-Site Scripting (XSS) via the pname parameter in add_product.php and edit_product.php.

5.9 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.5 / Impact : 3.4

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact LOW

Scope UNCHANGED

References
Link Resource
https://github.com/npemma2/PHP_DairyFarm_XSS Exploit Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:phpgurukul:dairy_farm_shop_management_system:1.1:*:*:*:*:*:*:*
History

31 Mar 2025, 19:20

Type Values Removed Values Added
References () https://github.com/npemma2/PHP_DairyFarm_XSS - () https://github.com/npemma2/PHP_DairyFarm_XSS - Exploit, Third Party Advisory
First Time Phpgurukul dairy Farm Shop Management System
Phpgurukul
CPE cpe:2.3:a:phpgurukul:dairy_farm_shop_management_system:1.1:*:*:*:*:*:*:*
Information

Published : 2024-09-23 13:15

Updated : 2025-03-31 19:20

NVD link : CVE-2024-46241

Mitre link : CVE-2024-46241

CVE.ORG link : CVE-2024-46241

JSON object : View

Products Affected

phpgurukul

  • dairy_farm_shop_management_system
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')