CVE-2020-5307
CVE-2020-5307
Vexday Risk Score
23Low
SSVC decision (CISA)
Attend
PoC available → attend closely
Exploit maturity
Functional exploit
Automatable exploit available (Nuclei/Metasploit).
CVSS —EPSS 15.7%KEV nãoPoC —Nuclei simMetasploit —Patch —
Lifecycle
07 Jan 2020Published on NVD
Recommendation: Plan a near-term fix — a public PoC already exists.
PHPGurukul Dairy Farm Shop Management System 1.0 is vulnerable to SQL injection, as demonstrated by the username parameter in index.php, the category and CategoryCode parameters in add-category.php, the CompanyName parameter in add-company.php, and the ProductName and ProductPrice parameters in add-product.php.
Affected products
n/a · n/a