CVSS: 6.1EPSS: 1%CPEs: 1EXPL: 2CVE-2020-5308 – Dairy Farm Shop Management System 1.0 Cross Site Scripting
https://notcve.org/view.php?id=CVE-2020-5308
PHPGurukul Dairy Farm Shop Management System 1.0 is vulnerable to XSS, as demonstrated by the category and CategoryCode parameters in add-category.php, the CompanyName parameter in add-company.php, and the ProductName parameter in add-product.php. PHPGurukul Dairy Farm Shop Management System versión 1.0, es vulnerable a un ataque de tipo XSS, como es demostrado por los parámetros category y CategoryCode en el archivo add-category.php, el parámetro CompanyName en el archivo add-company.php y el parámetro ProductName en el archivo add-product.php. Dairy Farm Shop Management System version 1.0 suffers from a persistent cross site scripting vulnerability. • http://packetstormsecurity.com/files/155861/Dairy-Farm-Shop-Management-System-1.0-Cross-Site-Scripting.html https://cinzinga.github.io/CVE-2020-5307-5308 https://phpgurukul.com/dairy-farm-shop-management-system-using-php-and-mysql • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2020-5191 – Hospital Management System 4.0 - Persistent Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2020-5191
PHPGurukul Hospital Management System in PHP v4.0 suffers from multiple Persistent XSS vulnerabilities. PHPGurukul Hospital Management System en PHP versión v4.0, sufre de múltiples vulnerabilidades de tipo XSS persistentes. • https://www.exploit-db.com/exploits/47841 https://phpgurukul.com/hospital-management-system-in-php • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 24%CPEs: 1EXPL: 1CVE-2020-5192 – Hospital Management System 4.0 - 'searchdata' SQL Injection
https://notcve.org/view.php?id=CVE-2020-5192
PHPGurukul Hospital Management System in PHP v4.0 suffers from multiple SQL injection vulnerabilities: multiple pages and parameters are not validating user input, and allow for the application's database and information to be fully compromised. PHPGurukul Hospital Management System en PHP versión v4.0 sufre de múltiples vulnerabilidades de inyección SQL: múltiples páginas y parámetros no comprueban la entrada del usuario y permiten que la base de datos y la información de la aplicación estén completamente comprometidas. • https://www.exploit-db.com/exploits/47840 https://phpgurukul.com/hospital-management-system-in-php • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •