CVE-2025-51672 — SQL Injection in Dairy Farm Shop Management System

CWE-89 — SQL Injection3 documents3 sources

Severity

8.0HIGHNVD

EPSS

0.1%

top 66.46%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Phpgurukul Dairy Farm Shop Management System

Timeline

PublishedJun 26

Description

A time-based blind SQL injection vulnerability was identified in the PHPGurukul Dairy Farm Shop Management System 1.3. The vulnerability exists in the manage-companies.php file and allows remote attackers to execute arbitrary SQL code via the companyname parameter in a POST request.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:HExploitability: 2.1 | Impact: 5.9

Affected Packages1 packages

▶NVDphpgurukul/dairy_farm_shop_management_system1.3

🔴Vulnerability Details

GHSA

GHSA-79qw-6994-qg24: A time-based blind SQL injection vulnerability was identified in the PHPGurukul Dairy Farm Shop Management System 1↗2025-06-26

▶

CVEList

CVE-2025-51672: A time-based blind SQL injection vulnerability was identified in the PHPGurukul Dairy Farm Shop Management System 1↗2025-06-26

▶