PHPGurukul Dairy Farm Shop Management System Time-Based Blind SQL Injection Vulnerability

Vulnerability

A time-based blind SQL injection vulnerability exists in PHPGurukul Dairy Farm Shop Management System version 1.3. The issue is located in the manage-companies.php file, where remote attackers can execute arbitrary SQL code by manipulating the companyname parameter in a POST request.

Impact

Successful exploitation lets an attacker execute arbitrary SQL commands on the database through time-based blind SQL injection. This could lead to unauthorized data access, data manipulation, or, in some cases, execution of administrative operations on the database.
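
The description above attributes the injection to the companyname POST parameter of manage-companies.php. The following is an added example, not the project's own code, of handling that parameter with input validation and a bound placeholder so the value is never parsed as SQL. The table and column names, the add_company helper, the use of PDO with an in-memory SQLite database (so it runs offline) and PHP 8 are assumptions.

```php
<?php
declare(strict_types=1);

// Hypothetical schema: the page does not show the application's table
// layout, so `tblcompany` / `CompanyName` are illustrative names only.
function open_demo_db(): PDO
{
    // In-memory SQLite keeps the example offline; production would use the real DSN.
    $pdo = new PDO('sqlite::memory:');
    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $pdo->exec('CREATE TABLE tblcompany (id INTEGER PRIMARY KEY, CompanyName TEXT NOT NULL)');
    return $pdo;
}

function add_company(PDO $pdo, mixed $raw): int
{
    // Validate first: reject arrays (companyname[]=...) and other non-strings.
    if (!is_string($raw)) {
        throw new InvalidArgumentException('companyname must be a string');
    }
    $name = trim($raw);
    if ($name === '' || strlen($name) > 100) {
        throw new InvalidArgumentException('companyname must be 1-100 bytes');
    }
    // Bound placeholder: the value is sent separately from the SQL text, so
    // quotes or SQL keywords inside it are stored as data, never executed.
    // With the MySQL driver, also set PDO::ATTR_EMULATE_PREPARES to false.
    $stmt = $pdo->prepare('INSERT INTO tblcompany (CompanyName) VALUES (:name)');
    $stmt->execute([':name' => $name]);
    return (int) $pdo->lastInsertId();
}

// In a request handler this would be add_company($pdo, $_POST['companyname'] ?? null).
$pdo = open_demo_db();
// Constructed sample input: the quote would break a string-concatenated query.
$id = add_company($pdo, "O'Neil & Sons Dairy");
$stmt = $pdo->prepare('SELECT CompanyName FROM tblcompany WHERE id = :id');
$stmt->execute([':id' => $id]);
echo $stmt->fetchColumn(), PHP_EOL;

try {
    add_company($pdo, ['unexpected' => 'array']);
} catch (InvalidArgumentException $e) {
    echo 'rejected: ', $e->getMessage(), PHP_EOL;
}
```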

Added: Jun 26, 2025, 3:37 PM
Updated: Jun 26, 2025, 4:46 PM

Vulnerability Rating

Custom Algorithm

spread: 0.8
impact: 2.5
exploitability: 7.2
remediation: 0.0
relevance: 0.2
threat: 6.4
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.