Courier Management System
by Carmelo
CVEs (18)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-12316 | Hig | 0.47 | 7.3 | 0.00 | Oct 27, 2025 | A vulnerability was identified in code-projects Courier Management System 1.0. This impacts an unknown function of the file /courier/edit-courier.php. The manipulation of the argument OfficeName leads to sql injection. The attack is possible to be carried out remotely. The… | ||
| CVE-2026-5330 | Med | 0.42 | 6.5 | 0.00 | Apr 2, 2026 | A vulnerability was found in SourceCodester/mayuri_k Best Courier Management System 1.0. Affected by this issue is some unknown functionality of the file /ajax.php?action=delete_user of the component User Delete Handler. Performing a manipulation of the argument ID results in… | ||
| CVE-2025-13396 | Med | 0.41 | 6.3 | 0.00 | Nov 19, 2025 | A weakness has been identified in code-projects Courier Management System 1.0. This affects an unknown function of the file /add-office.php. This manipulation of the argument OfficeName causes sql injection. The attack may be initiated remotely. The exploit has been made… | ||
| CVE-2025-13303 | Med | 0.41 | 6.3 | 0.00 | Nov 17, 2025 | A vulnerability was determined in code-projects Courier Management System 1.0. Affected by this issue is some unknown functionality of the file /search-edit.php. This manipulation of the argument Consignment causes sql injection. The attack can be initiated remotely. The exploit… | ||
| CVE-2025-11553 | Med | 0.41 | 6.3 | 0.00 | Oct 9, 2025 | A weakness has been identified in code-projects Courier Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /add-courier.php. Executing manipulation of the argument Shippername can lead to sql injection. The attack can be launched… | ||
| CVE-2025-13302 | Med | 0.31 | 4.7 | 0.00 | Nov 17, 2025 | A vulnerability was identified in code-projects Courier Management System 1.0. This affects an unknown part of the file /add-new-officer.php. Such manipulation of the argument ManagerName leads to sql injection. The attack can be launched remotely. The exploit is publicly… | ||
| CVE-2024-4945 | 0.00 | — | 0.01 | May 16, 2024 | A vulnerability was found in SourceCodester Best Courier Management System 1.0. It has been classified as problematic. Affected is an unknown function of the file view_parcel.php. The manipulation of the argument id leads to unrestricted upload. It is possible to launch the… | |||
| CVE-2023-6898 | 0.00 | — | 0.01 | Dec 17, 2023 | A vulnerability classified as critical has been found in SourceCodester Best Courier Management System 1.0. Affected is an unknown function of the file manage_user.php. The manipulation of the argument id leads to sql injection. The exploit has been disclosed to the public and… | |||
| CVE-2023-48823 | 0.00 | — | 0.01 | Dec 7, 2023 | A Blind SQL injection issue in ajax.php in GaatiTrack Courier Management System 1.0 allows an unauthenticated attacker to inject a payload via the email parameter during login. | |||
| CVE-2023-6301 | 0.00 | — | 0.01 | Nov 26, 2023 | A vulnerability has been found in SourceCodester Best Courier Management System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file parcel_list.php of the component GET Parameter Handler. The manipulation of the argument id… | |||
| CVE-2023-46006 | 0.00 | — | 0.01 | Oct 18, 2023 | Sourcecodester Best Courier Management System 1.0 is vulnerable to SQL Injection via the parameter id in /edit_user.php. | |||
| CVE-2023-46005 | 0.00 | — | 0.01 | Oct 18, 2023 | Sourcecodester Best Courier Management System 1.0 is vulnerable to SQL Injection via the parameter id in /edit_branch.php. | |||
| CVE-2023-46004 | 0.00 | — | 0.01 | Oct 18, 2023 | Sourcecodester Best Courier Management System 1.0 is vulnerable to Arbitrary file upload in the update_user function. | |||
| CVE-2023-46007 | 0.00 | — | 0.01 | Oct 18, 2023 | Sourcecodester Best Courier Management System 1.0 is vulnerable to SQL Injection via the parameter id in /edit_staff.php. | |||
| CVE-2023-5273 | 0.00 | — | 0.01 | Sep 29, 2023 | A vulnerability classified as problematic was found in SourceCodester Best Courier Management System 1.0. This vulnerability affects unknown code of the file manage_parcel_status.php. The manipulation of the argument id leads to cross site scripting. The attack can be initiated… | |||
| CVE-2023-5272 | 0.00 | — | 0.01 | Sep 29, 2023 | A vulnerability classified as critical has been found in SourceCodester Best Courier Management System 1.0. This affects an unknown part of the file edit_parcel.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. The exploit… | |||
| CVE-2023-5271 | 0.00 | — | 0.01 | Sep 29, 2023 | A vulnerability was found in SourceCodester Best Courier Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file edit_parcel.php. The manipulation of the argument email leads to sql injection. The exploit has been… | |||
| CVE-2023-5270 | 0.00 | — | 0.01 | Sep 29, 2023 | A vulnerability was found in SourceCodester Best Courier Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file view_parcel.php. The manipulation of the argument id leads to sql injection. The exploit has… |
- risk 0.47cvss 7.3epss 0.00
A vulnerability was identified in code-projects Courier Management System 1.0. This impacts an unknown function of the file /courier/edit-courier.php. The manipulation of the argument OfficeName leads to sql injection. The attack is possible to be carried out remotely. The…
- risk 0.42cvss 6.5epss 0.00
A vulnerability was found in SourceCodester/mayuri_k Best Courier Management System 1.0. Affected by this issue is some unknown functionality of the file /ajax.php?action=delete_user of the component User Delete Handler. Performing a manipulation of the argument ID results in…
- risk 0.41cvss 6.3epss 0.00
A weakness has been identified in code-projects Courier Management System 1.0. This affects an unknown function of the file /add-office.php. This manipulation of the argument OfficeName causes sql injection. The attack may be initiated remotely. The exploit has been made…
- risk 0.41cvss 6.3epss 0.00
A vulnerability was determined in code-projects Courier Management System 1.0. Affected by this issue is some unknown functionality of the file /search-edit.php. This manipulation of the argument Consignment causes sql injection. The attack can be initiated remotely. The exploit…
- risk 0.41cvss 6.3epss 0.00
A weakness has been identified in code-projects Courier Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /add-courier.php. Executing manipulation of the argument Shippername can lead to sql injection. The attack can be launched…
- risk 0.31cvss 4.7epss 0.00
A vulnerability was identified in code-projects Courier Management System 1.0. This affects an unknown part of the file /add-new-officer.php. Such manipulation of the argument ManagerName leads to sql injection. The attack can be launched remotely. The exploit is publicly…
- CVE-2024-4945May 16, 2024risk 0.00cvss —epss 0.01
A vulnerability was found in SourceCodester Best Courier Management System 1.0. It has been classified as problematic. Affected is an unknown function of the file view_parcel.php. The manipulation of the argument id leads to unrestricted upload. It is possible to launch the…
- CVE-2023-6898Dec 17, 2023risk 0.00cvss —epss 0.01
A vulnerability classified as critical has been found in SourceCodester Best Courier Management System 1.0. Affected is an unknown function of the file manage_user.php. The manipulation of the argument id leads to sql injection. The exploit has been disclosed to the public and…
- CVE-2023-48823Dec 7, 2023risk 0.00cvss —epss 0.01
A Blind SQL injection issue in ajax.php in GaatiTrack Courier Management System 1.0 allows an unauthenticated attacker to inject a payload via the email parameter during login.
- CVE-2023-6301Nov 26, 2023risk 0.00cvss —epss 0.01
A vulnerability has been found in SourceCodester Best Courier Management System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file parcel_list.php of the component GET Parameter Handler. The manipulation of the argument id…
- CVE-2023-46006Oct 18, 2023risk 0.00cvss —epss 0.01
Sourcecodester Best Courier Management System 1.0 is vulnerable to SQL Injection via the parameter id in /edit_user.php.
- CVE-2023-46005Oct 18, 2023risk 0.00cvss —epss 0.01
Sourcecodester Best Courier Management System 1.0 is vulnerable to SQL Injection via the parameter id in /edit_branch.php.
- CVE-2023-46004Oct 18, 2023risk 0.00cvss —epss 0.01
Sourcecodester Best Courier Management System 1.0 is vulnerable to Arbitrary file upload in the update_user function.
- CVE-2023-46007Oct 18, 2023risk 0.00cvss —epss 0.01
Sourcecodester Best Courier Management System 1.0 is vulnerable to SQL Injection via the parameter id in /edit_staff.php.
- CVE-2023-5273Sep 29, 2023risk 0.00cvss —epss 0.01
A vulnerability classified as problematic was found in SourceCodester Best Courier Management System 1.0. This vulnerability affects unknown code of the file manage_parcel_status.php. The manipulation of the argument id leads to cross site scripting. The attack can be initiated…
- CVE-2023-5272Sep 29, 2023risk 0.00cvss —epss 0.01
A vulnerability classified as critical has been found in SourceCodester Best Courier Management System 1.0. This affects an unknown part of the file edit_parcel.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. The exploit…
- CVE-2023-5271Sep 29, 2023risk 0.00cvss —epss 0.01
A vulnerability was found in SourceCodester Best Courier Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file edit_parcel.php. The manipulation of the argument email leads to sql injection. The exploit has been…
- CVE-2023-5270Sep 29, 2023risk 0.00cvss —epss 0.01
A vulnerability was found in SourceCodester Best Courier Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file view_parcel.php. The manipulation of the argument id leads to sql injection. The exploit has…