VYPR

Courier Management System

by GaatiTrack

CVEs (2)

  • CVE-2023-48823CriDec 7, 2023
    risk 0.64cvss 9.8epss 0.01

    A Blind SQL injection issue in ajax.php in GaatiTrack Courier Management System 1.0 allows an unauthenticated attacker to inject a payload via the email parameter during login.

  • CVE-2023-48206MedDec 7, 2023
    risk 0.40cvss 6.1epss 0.01

    A Cross Site Scripting (XSS) vulnerability in GaatiTrack Courier Management System 1.0 allows a remote attacker to inject JavaScript via the page parameter to login.php or header.php.