CVE-2025-40641 | Multi-Purpose Inventory Management System Non-defining Query update product_name cross site scripting

A vulnerability, which was classified as problematic, has been found in Multi-Purpose Inventory Management System Non-defining. The affected element is an unknown function of the file /Controller_Products/update of the component Query Handler. This manipulation of the argument product_name causes cross site scripting.

This vulnerability is registered as CVE-2025-40641. Remote exploitation of the attack is possible. No exploit is available.VulDB Recent EntriesRead More