Itsourcecode · Best Courier Management System · CVE-2026-7592
**Name of the Vulnerable Software and Affected Versions**
itsourcecode Courier Management System version 1.0
**Description**
A weakness in the '/edit staff.php' endpoint allows for remote SQL injection. This occurs when the `ID` argument is manipulated, potentially allowing an attacker to interfere with the application's database queries.
**Recommendations**
Restrict access to the '/edit staff.php' file or avoid using the `ID` parameter until a fix is applied.