SQL injection vulnerability was discovered in Courier Management System 1.0, which can be exploited via the ref_no (POST) parameter to admin_class.php
6.5CVSS
6.8AI Score
0.001EPSS
5.4CVSS
5.2AI Score
0.001EPSS
Courier Management System 1.0 1.0 is affected by SQL Injection via 'MULTIPART street '.
6.5CVSS
7AI Score
0.001EPSS
An SQL Injection vulnerability exists in Sourceodester Courier Management System 1.0 via the email parameter in /cms/ajax.php app.
9.8CVSS
9.8AI Score
0.002EPSS
Cross Site Scripting vulnerability in Best Courier Management System v.1.000 allows a remote attacker to execute arbitrary code via a crafted payload to the page parameter in the URL.
5.4CVSS
5.7AI Score
0.001EPSS
A Cross Site Scripting (XSS) vulnerability in GaatiTrack Courier Management System 1.0 allows a remote attacker to inject JavaScript via the page parameter to login.php or header.php.
6.1CVSS
5.9AI Score
0.001EPSS
A Blind SQL injection issue in ajax.php in GaatiTrack Courier Management System 1.0 allows an unauthenticated attacker to inject a payload via the email parameter during login.
9.8CVSS
9.7AI Score
0.002EPSS