Aggregates CVE and security vulnerability intelligence across all courier_management_system_project-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Historical issues mainly involve vendor risk sql injection and vendor risk cross-site scripting and related problems; some flaws may lead to vendor impact data exposure.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2021-46198 | An SQL Injection vulnerability exists in Sourceodester Courier Management System 1.0 via the email parameter in /cms/ajax.php app. | [email protected] | 9.8 | 1.75% | 2022-01-21 | 2024-11-21 |
| CVE-2020-35329 | Courier Management System 1.0 1.0 is affected by SQL Injection via 'MULTIPART street '. | [email protected] | 6.5 | 1.30% | 2021-03-04 | 2024-11-21 |
| CVE-2020-35328 | Courier Management System 1.0 - 'First Name' Stored XSS | [email protected] | 5.4 | 0.69% | 2021-03-04 | 2024-11-21 |
| CVE-2020-35327 | SQL injection vulnerability was discovered in Courier Management System 1.0, which can be exploited via the ref_no (POST) parameter to admin_class.php | [email protected] | 6.5 | 1.30% | 2021-03-04 | 2024-11-21 |