8 matches found
CVE-2023-46007
Sourcecodester Best Courier Management System 1.0 is vulnerable to SQL Injection via the parameter id in /edit_staff.php.
CVE-2024-48580
SQL Injection vulnerability in Best courier management system in php v.1.0 allows a remote attacker to execute arbitrary code via the email parameter of the login request.
CVE-2024-48581
File Upload vulnerability in Best courier management system in php v.1.0 allows a remote attacker to execute arbitrary code via the admin_class.php component.
CVE-2023-46006
Sourcecodester Best Courier Management System 1.0 is vulnerable to SQL Injection via the parameter id in /edit_user.php.
CVE-2024-4945
A vulnerability was found in SourceCodester Best Courier Management System 1.0. It has been classified as problematic. Affected is an unknown function of the file view_parcel.php. The manipulation of the argument id leads to unrestricted upload. It is possible to launch the attack remotely. The exp...
CVE-2023-46005
Sourcecodester Best Courier Management System 1.0 is vulnerable to SQL Injection via the parameter id in /edit_branch.php.
CVE-2023-6898
A vulnerability classified as critical has been found in SourceCodester Best Courier Management System 1.0. Affected is an unknown function of the file manage_user.php. The manipulation of the argument id leads to sql injection. The exploit has been disclosed to the public and may be used. The iden...
CVE-2023-46980
An issue in Best Courier Management System v.1.0 allows a remote attacker to execute arbitrary code and escalate privileges via a crafted script to the userID parameter.