Instituto Nacional de ciberseguridad. Sección Incibe
Instituto Nacional de Ciberseguridad. Sección INCIBE-CERT

Go to Calendar     Go to Press Room     Go to Newsletters subscription

Search

Multiple vulnerabilities in Poultry Farm Management System

Posted date 20/01/2026
Identificador
INCIBE-2026-039
Importance
3 - Medium
Affected Resources

Poultry Farm Management System, version 1.0.

Description

INCIBE has coordinated the publication of 2 medium-severity vulnerability affecting Poultry Farm Management System,  a poultry farm management system. These vulnerabilities were discovered by Rafael Pedrero.

These vulnerabilities has been assigned the following codes, CVSS v4.0 base score, CVSS vector and CWE vulnerability type:

  • CVE-2025-41024 y CVE-2025-41025: CVSS v4.0: 5.1 | CVSS AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N | CWE-79
Solution

There is no solition reported at this time.

Detail

Stored Cross-Site Scripting (XSS) in Poultry Farm Management System v1.0 due to the lack of proper validation of user input by sending a POST request. The relationship between parameters and assigned identifiers is as follows:

  • CVE-2025-41024: 'companyaddress', 'companyemail', 'companyname', 'country', 'mobilenumber' y 'regno' parameters in '/farm/farmprofile.php'.
  • CVE-2025-41025: 'category' y 'product' parameters in '/farm/sell_product.php'.
CVE
Explotación
No
References list
Poultry Farm Management System in PHP Source Code Free Download | SourceCodester
Etiquetas