Total
7 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-13396 | 1 Carmelogarcia | 1 Courier Management System | 2025-11-20 | 6.5 MEDIUM | 6.3 MEDIUM |
| A weakness has been identified in code-projects Courier Management System 1.0. This affects an unknown function of the file /add-office.php. This manipulation of the argument OfficeName causes sql injection. The attack may be initiated remotely. The exploit has been made available to the public and could be exploited. | |||||
| CVE-2025-13302 | 1 Carmelogarcia | 1 Courier Management System | 2025-11-19 | 5.8 MEDIUM | 4.7 MEDIUM |
| A vulnerability was identified in code-projects Courier Management System 1.0. This affects an unknown part of the file /add-new-officer.php. Such manipulation of the argument ManagerName leads to sql injection. The attack can be launched remotely. The exploit is publicly available and might be used. | |||||
| CVE-2025-13303 | 1 Carmelogarcia | 1 Courier Management System | 2025-11-19 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability was determined in code-projects Courier Management System 1.0. Affected by this issue is some unknown functionality of the file /search-edit.php. This manipulation of the argument Consignment causes sql injection. The attack can be initiated remotely. The exploit has been publicly disclosed and may be utilized. | |||||
| CVE-2025-12316 | 1 Carmelogarcia | 1 Courier Management System | 2025-10-30 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability was identified in code-projects Courier Management System 1.0. This impacts an unknown function of the file /courier/edit-courier.php. The manipulation of the argument OfficeName leads to sql injection. The attack is possible to be carried out remotely. The exploit is publicly available and might be used. | |||||
| CVE-2025-11553 | 1 Carmelogarcia | 1 Courier Management System | 2025-10-20 | 6.5 MEDIUM | 6.3 MEDIUM |
| A weakness has been identified in code-projects Courier Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /add-courier.php. Executing manipulation of the argument Shippername can lead to sql injection. The attack can be launched remotely. The exploit has been made available to the public and could be exploited. | |||||
| CVE-2024-10607 | 1 Carmelogarcia | 1 Courier Management System | 2024-11-05 | 7.5 HIGH | 9.8 CRITICAL |
| A vulnerability was found in code-projects Courier Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /track-result.php. The manipulation of the argument Consignment leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-10608 | 1 Carmelogarcia | 1 Courier Management System | 2024-11-05 | 7.5 HIGH | 9.8 CRITICAL |
| A vulnerability was found in code-projects Courier Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /login.php. The manipulation of the argument txtusername leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||