Lucene search
AttackerKBAKB:3946FBD1-08DB-4CF4-A269-C80337F21947HistoryJan 07, 2020 - 12:00 a.m.
CVE-2020-5308
2020-01-0700:00:00
attackerkb.com
17
EPSS
0.016
Percentile
87.7%
PHPGurukul Dairy Farm Shop Management System 1.0 is vulnerable to XSS, as demonstrated by the category and CategoryCode parameters in add-category.php, the CompanyName parameter in add-company.php, and the ProductName parameter in add-product.php.
Recent assessments:
cinzinga at March 09, 2020 9:33pm UTC reported:
I am the author of this vulnerability. This is a stored cross site scripting vulnerability. It could be paired with CVE-2020-5307 which is an unauthenticated SQL injection to obtain login credentials, then plant the stored XSS payload.
Blog post: <https://cinzinga.github.io/CVE-2020-5307-5308/>
Assessed Attacker Value: 1
Assessed Attacker Value: 1Assessed Attacker Value: 3
Related
prion
prion
Design/Logic Flaw
2020-01-09 13:15:00
Sql injection
2020-01-07 19:15:00
packetstorm
packetstorm
Dairy Farm Shop Management System 1.0 Cross Site Scripting
2020-01-07 00:00:00
nvd
nvd
CVE-2020-5308
2020-01-09 13:15:11
CVE-2020-5307
2020-01-07 19:15:11
cvelist
cvelist
CVE-2020-5308
2020-01-09 12:15:18
CVE-2020-5307
2020-01-07 18:58:33
cve
cve
CVE-2020-5308
2020-01-09 13:15:11
CVE-2020-5307
2020-01-07 19:15:11
attackerkb
attackerkb
CVE-2020-5307
2020-01-07 00:00:00
nuclei
nuclei
PHPGurukul Dairy Farm Shop Management System 1.0 - SQL Injection
2021-07-25 02:50:53