cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-4945,https://securityvulnerability.io/vulnerability/CVE-2024-4945,Unrestricted Upload Vulnerability in View_parcel.php,A vulnerability was found in SourceCodester Best Courier Management System 1.0. It has been classified as problematic. Affected is an unknown function of the file view_parcel.php. The manipulation of the argument id leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-264480.,Sourcecodester,Best Courier Management System,4.3,MEDIUM,0.00044999999227002263,false,false,false,true,true,false,false,2024-05-16T05:00:05.656Z,0
CVE-2023-6898,https://securityvulnerability.io/vulnerability/CVE-2023-6898,SourceCodester Best Courier Management System manage_user.php sql injection,"A SQL injection vulnerability exists in the Best Courier Management System, specifically in the manage_user.php file. This flaw allows attackers to manipulate the 'id' argument, potentially compromising the application's database by executing arbitrary SQL commands. With this vulnerability publicly disclosed, it poses a substantial risk, making it essential for users to apply timely patches and implement security measures to safeguard their data.",SourceCodester,Best Courier Management System,9.8,CRITICAL,0.0012499999720603228,false,false,false,false,,false,false,2023-12-17T11:15:00.000Z,0
CVE-2023-6300,https://securityvulnerability.io/vulnerability/CVE-2023-6300,SourceCodester Best Courier Management System cross site scripting,"A vulnerability, which was classified as problematic, was found in SourceCodester Best Courier Management System 1.0. Affected is an unknown function. The manipulation of the argument page with the input leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-246126 is the identifier assigned to this vulnerability.",Sourcecodester,Best Courier Management System,3.5,LOW,0.0007099999929778278,false,false,false,false,,false,false,2023-11-27T00:15:00.000Z,0
CVE-2023-6301,https://securityvulnerability.io/vulnerability/CVE-2023-6301,SourceCodester Best Courier Management System GET Parameter parcel_list.php cross site scripting,A vulnerability has been found in SourceCodester Best Courier Management System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file parcel_list.php of the component GET Parameter Handler. The manipulation of the argument id with the input leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-246127.,SourceCodester,Best Courier Management System,6.1,MEDIUM,0.0007099999929778278,false,false,false,false,,false,false,2023-11-27T00:15:00.000Z,0
CVE-2023-5302,https://securityvulnerability.io/vulnerability/CVE-2023-5302,SourceCodester Best Courier Management System Manage Account Page cross site scripting,"A vulnerability, which was classified as problematic, has been found in SourceCodester Best Courier Management System 1.0. This issue affects some unknown processing of the component Manage Account Page. The manipulation of the argument First Name leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-240941 was assigned to this vulnerability.",Sourcecodester,Best Courier Management System,3.5,LOW,0.0013899999903514981,false,false,false,false,,false,false,2023-09-30T12:15:00.000Z,0
CVE-2023-5273,https://securityvulnerability.io/vulnerability/CVE-2023-5273,SourceCodester Best Courier Management System manage_parcel_status.php cross site scripting,A vulnerability classified as problematic was found in SourceCodester Best Courier Management System 1.0. This vulnerability affects unknown code of the file manage_parcel_status.php. The manipulation of the argument id leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-240886 is the identifier assigned to this vulnerability.,SourceCodester,Best Courier Management System,5.4,MEDIUM,0.0013899999903514981,false,false,false,false,,false,false,2023-09-29T17:15:00.000Z,0
CVE-2023-5272,https://securityvulnerability.io/vulnerability/CVE-2023-5272,SourceCodester Best Courier Management System GET Parameter edit_parcel.php sql injection,"A SQL injection vulnerability has been identified in the SourceCodester Best Courier Management System version 1.0. This issue specifically affects the edit_parcel.php file within the GET Parameter Handler component. By manipulating the 'id' parameter, attackers can execute arbitrary SQL commands, potentially compromising the database's integrity and confidentiality. This exploit is publicly known, emphasizing the need for immediate action to secure this application against unauthorized database access.",SourceCodester,Best Courier Management System,8.8,HIGH,0.004629999864846468,false,false,false,false,,false,false,2023-09-29T17:15:00.000Z,0
CVE-2023-5269,https://securityvulnerability.io/vulnerability/CVE-2023-5269,SourceCodester Best Courier Management System GET Parameter parcel_list.php sql injection,"A SQL injection vulnerability has been identified in SourceCodester's Best Courier Management System version 1.0. This issue lies within the GET Parameter Handler, specifically the 's' argument in the file parcel_list.php. Manipulation of this parameter can allow attackers to execute arbitrary SQL queries, leading to unauthorized data access and potential data compromise. The vulnerability has been publicly disclosed, and users are encouraged to apply necessary security measures to safeguard their systems.",Sourcecodester,Best Courier Management System,8.8,HIGH,0.004629999864846468,false,false,false,false,,false,false,2023-09-29T16:15:00.000Z,0
CVE-2023-5271,https://securityvulnerability.io/vulnerability/CVE-2023-5271,SourceCodester Best Courier Management System edit_parcel.php sql injection,"A security flaw exists in the SourceCodester Best Courier Management System version 1.0, specifically within the edit_parcel.php file. This vulnerability allows an attacker to manipulate the 'email' parameter, potentially leading to SQL Injection attacks. If exploited, it can compromise the database and lead to unauthorized data access. Given the public disclosure of the exploit, it is critical for users to take preventive measures to secure their systems against any potential attacks exploiting this vulnerability.",SourceCodester,Best Courier Management System,8.8,HIGH,0.004629999864846468,false,false,false,false,,false,false,2023-09-29T16:15:00.000Z,0
CVE-2023-5270,https://securityvulnerability.io/vulnerability/CVE-2023-5270,SourceCodester Best Courier Management System view_parcel.php sql injection,"A vulnerability in the SourceCodester Best Courier Management System's view_parcel.php file enables an attacker to manipulate the argument 'id', leading to SQL injection. This allows unauthorized access to sensitive data within the application. The exploit has been publicly disclosed, raising concerns for users of version 1.0 and potentially exposing them to further attacks.",SourceCodester,Best Courier Management System,8.8,HIGH,0.004629999864846468,false,false,false,false,,false,false,2023-09-29T16:15:00.000Z,0