Vulnerability-Report

Unauthenticated Arbitrary File Upload RCE in Gaatitrack Cour...

EUVD-2023-52286

Malicious code in bioql PyPI...

EUVD-2023-52854

Malicious code in bioql PyPI...

CVE-2023-48206

A Cross Site Scripting XSS vulnerability in GaatiTrack Courier Management System 1.0 allows a remote attacker to inject JavaScript via the page parameter to login.php or header.php...

CVE-2023-48823

A Blind SQL injection issue in ajax.php in GaatiTrack Courier Management System 1.0 allows an unauthenticated attacker to inject a payload via the email parameter during login...

CVE-2023-48206

A Cross Site Scripting XSS vulnerability in GaatiTrack Courier Management System 1.0 allows a remote attacker to inject JavaScript via the page parameter to login.php or header.php...

CVE-2023-48206

A Cross Site Scripting XSS vulnerability in GaatiTrack Courier Management System 1.0 allows a remote attacker to inject JavaScript via the page parameter to login.php or header.php...

Sql injection

A Blind SQL injection issue in ajax.php in GaatiTrack Courier Management System 1.0 allows an unauthenticated attacker to inject a payload via the email parameter during login...

Cross site scripting

A Cross Site Scripting XSS vulnerability in GaatiTrack Courier Management System 1.0 allows a remote attacker to inject JavaScript via the page parameter to login.php or header.php...

CVE-2023-48823

A Blind SQL injection issue in ajax.php in GaatiTrack Courier Management System 1.0 allows an unauthenticated attacker to inject a payload via the email parameter during login...

CVE-2023-48206

GaatiTrack Courier Management System v1.0 contains a Cross Site Scripting (XSS) flaw exploitable via the page parameter in login.php and header.php. Public sources consistently describe reflected XSS that could allow an attacker to inject arbitrary scripts, with network access (AV:N) and user int...

CVE-2023-48206

A Cross Site Scripting XSS vulnerability in GaatiTrack Courier Management System 1.0 allows a remote attacker to inject JavaScript via the page parameter to login.php or header.php...

GaatiTrack Courier Management System Security Vulnerability

GaatiTrack Courier Management System is a courier management system by Mayuri K. Individual developer. A security vulnerability exists in GaatiTrack Courier Management System version 1.0. An attacker exploits the vulnerability to inject a payload via email parameters during login...

CVE-2023-48206

A Cross Site Scripting XSS vulnerability in GaatiTrack Courier Management System 1.0 allows a remote attacker to inject JavaScript via the page parameter to login.php or header.php...

CVE-2023-48823

GaatiTrack Courier Management System v1.0 is affected by a Blind SQL injection in ajax.php during login, exploitable via the email parameter by an unauthenticated attacker. The issue arises from improper handling of the email input in the login flow, enabling arbitrary SQL execution and potential...

PT-2023-30731 · Unknown · Gaatitrack Courier Management System

Name of the Vulnerable Software and Affected Versions: GaatiTrack Courier Management System version 1.0 Description: A Cross Site Scripting XSS issue allows a remote attacker to inject JavaScript via the page parameter to "login.php" or "header.php". This could potentially lead to unauthorized...

GaatiTrack Courier Management System 1.0 SQL Injection Vulnerability

Exploit Title: GaatiTrack Courier Management System v1.0 - SQL Injection Exploit Author: BugsBD Limited Discover by: Rahad Chowdhury Vendor Homepage: https://www.mayurik.com/ Software Link: https://www.mayurik.com/source-code/P0998/best-courier-management-system-project-in-php Version: v1.0 Teste...

GaatiTrack Courier Management System 1.0 SQL Injection

Exploit Title: GaatiTrack Courier Management System v1.0 - SQL Injection Date: 13/11/2023 Exploit Author: BugsBD Limited Discover by: Rahad Chowdhury Vendor Homepage: https://www.mayurik.com/ Software Link: https://www.mayurik.com/source-code/P0998/best-courier-management-system-project-in-php...

GaatiTrack Courier Management System Cross-Site Scripting Vulnerability

GaatiTrack Courier Management System is a courier management system by Mayuri K. Individual developer. A cross-site scripting vulnerability exists in GaatiTrack Courier Management System version 1.0. An attacker can exploit this vulnerability to execute arbitrary web script or HTML...

PT-2023-7516 · Unknown · Gaatitrack Courier Management System

Name of the Vulnerable Software and Affected Versions: GaatiTrack Courier Management System version 1.0 Description: The issue is related to a Blind SQL injection in the ajax.php file of the GaatiTrack Courier Management System. This occurs due to inadequate protection of the SQL query structure...