Unrated severityNVD Advisory· Published Nov 5, 2021· Updated Aug 4, 2024
CVE-2021-39412
CVE-2021-39412
Description
Multiple Cross Site Scripting (XSS) vulnerabilities exists in PHPGurukul Shopping v3.1 via the (1) callback parameter in (a) server_side/scripts/id_jsonp.php, (b) server_side/scripts/jsonp.php, and (c) scripts/objects_jsonp.php, the (2) value parameter in examples_support/editable_ajax.php, and the (3) PHP_SELF parameter in captcha/index.php.
Affected products
2- PHPGurukul/Shoppingdescription
- Range: =3.1
Patches
Vulnerability mechanics
References
1- sisl.lab.uic.edu/projects/chess/php-gurukul-shopping/mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.