Submit #333960: SourceCodester Best courier management system project in php V1.0 Unrestricted Uploadinfo

TitleSourceCodester Best courier management system project in php V1.0 Unrestricted Upload
DescriptionThe PHP method uses methods located in view_parcel The $_Variable element on line 5 of the PHP file receives and dynamically executes user controlled code. This allows attackers to cause SQL injection attacks. zebra11 has discovered that due to insufficient protection of the "id" parameter in the "\view_parcel.php" file, "Best courier management system project in php" there is a serious security vulnerability in the This vulnerability may be used to inject malicious SQL queries, resulting in unauthorized access and extraction of sensitive information from the database.
Source⚠️ https://github.com/CveSecLook/cve/issues/28
Userzebra11 (ID 68838)
Submission05/14/2024 05:07 PM (1 month ago)
Moderation05/15/2024 05:04 PM (24 hours later)
StatusAccepted
VulDB Entry264480

Interested in the pricing of exploits?

See the underground prices here!