Your browser is unsupported

We recommend using the latest version of IE11, Edge, Chrome, Firefox or Safari.

Cross site scripting in PHP Gurukul Shopping v3.1

Multiple cross site scripting vulnerabilities are present in PHP Gurukul Shopping v3.1. The following is detailed information about these vulnerabilities:

file: admin/assets/plugins/DataTables/examples/server_side/scripts/id_jsonp.php
line: 195
HTTP Parameter name: callback

file: admin/assets/plugins/DataTables/examples/server_side/scripts/jsonp.php
line: 190
HTTP Parameter name: callback,

file: admin/assets/plugins/DataTables/examples/server_side/scripts/objects_jsonp.php,
line:  192
HTTP Parameter name: callback,

file: admin/assets/plugins/DataTables/examples/examples_support/editable_ajax.php,
line: 2
HTTP Parameter name: value,

file: admin/assets/plugins/jquery-validation/demo/captcha/index.php
line: 55
HTTP Parameter name: PHP_SELF

Above vulnerabilities are published at CVE-2021-39412

This vulnerability was detected as part of the DARPA CHESS program