PT-2025-30939 · 1000 Projects · Best Courier Management System
Li Feng
·
Published
2025-07-25
·
Updated
2025-07-26
·
CVE-2025-8173
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
1000 Projects ABC Courier Management System version 1.0
Description
A critical issue exists in 1000 Projects ABC Courier Management System version 1.0. The vulnerability is located in an unknown functionality of the file
/Add reciver.php. Manipulation of the reciver name argument leads to SQL injection. The attack can be launched remotely. The exploit has been disclosed to the public.Recommendations
As a mitigation, sanitize the
reciver name argument in the /Add reciver.php file to prevent SQL injection.Exploit
Fix
Special Elements Injection
SQL injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Best Courier Management System