11 matches found
EUVD-2023-52286
Malicious code in bioql PyPI...
CVE-2023-48206
A Cross Site Scripting XSS vulnerability in GaatiTrack Courier Management System 1.0 allows a remote attacker to inject JavaScript via the page parameter to login.php or header.php...
CVE-2023-48823
A Blind SQL injection issue in ajax.php in GaatiTrack Courier Management System 1.0 allows an unauthenticated attacker to inject a payload via the email parameter during login...
CVE-2023-48206
A Cross Site Scripting XSS vulnerability in GaatiTrack Courier Management System 1.0 allows a remote attacker to inject JavaScript via the page parameter to login.php or header.php...
CVE-2023-48823
A Blind SQL injection issue in ajax.php in GaatiTrack Courier Management System 1.0 allows an unauthenticated attacker to inject a payload via the email parameter during login...
CVE-2023-48823
GaatiTrack Courier Management System v1.0 is affected by a Blind SQL injection in ajax.php during login, exploitable via the email parameter by an unauthenticated attacker. The issue arises from improper handling of the email input in the login flow, enabling arbitrary SQL execution and potential...
CVE-2023-48206
GaatiTrack Courier Management System v1.0 contains a Cross Site Scripting (XSS) flaw exploitable via the page parameter in login.php and header.php. Public sources consistently describe reflected XSS that could allow an attacker to inject arbitrary scripts, with network access (AV:N) and user int...
CVE-2023-48206
A Cross Site Scripting XSS vulnerability in GaatiTrack Courier Management System 1.0 allows a remote attacker to inject JavaScript via the page parameter to login.php or header.php...
PT-2023-30731 · Unknown · Gaatitrack Courier Management System
Name of the Vulnerable Software and Affected Versions: GaatiTrack Courier Management System version 1.0 Description: A Cross Site Scripting XSS issue allows a remote attacker to inject JavaScript via the page parameter to "login.php" or "header.php". This could potentially lead to unauthorized...
GaatiTrack Courier Management System 1.0 SQL Injection
Exploit Title: GaatiTrack Courier Management System v1.0 - SQL Injection Date: 13/11/2023 Exploit Author: BugsBD Limited Discover by: Rahad Chowdhury Vendor Homepage: https://www.mayurik.com/ Software Link: https://www.mayurik.com/source-code/P0998/best-courier-management-system-project-in-php...
PT-2023-7516 · Unknown · Gaatitrack Courier Management System
Name of the Vulnerable Software and Affected Versions: GaatiTrack Courier Management System version 1.0 Description: The issue is related to a Blind SQL injection in the ajax.php file of the GaatiTrack Courier Management System. This occurs due to inadequate protection of the SQL query structure...