← back
CVE-2020-5307

CVE-2020-5307

EPSS 15.7%
Vexday Risk Score
23Low
SSVC decision (CISA)
Attend
PoC available → attend closely
Exploit maturity
Functional exploit
Automatable exploit available (Nuclei/Metasploit).
CVSS EPSS 15.7%KEV nãoPoC Nuclei simMetasploit Patch
Lifecycle
07 Jan 2020Published on NVD
Recommendation: Plan a near-term fix — a public PoC already exists.
PHPGurukul Dairy Farm Shop Management System 1.0 is vulnerable to SQL injection, as demonstrated by the username parameter in index.php, the category and CategoryCode parameters in add-category.php, the CompanyName parameter in add-company.php, and the ProductName and ProductPrice parameters in add-product.php.
Affected products
n/a · n/a