Best Courier Management System
CVE-2023-46004
HIGH
Severity by source
AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionNVD
Sourcecodester Best Courier Management System 1.0 is vulnerable to Arbitrary file upload in the update_user function.
AnalysisAI
Sourcecodester Best Courier Management System 1.0 is vulnerable to Arbitrary file upload in the update_user function. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
Technical ContextAI
This vulnerability is classified as Unrestricted File Upload (CWE-434), which allows attackers to upload malicious files that can be executed on the server. Sourcecodester Best Courier Management System 1.0 is vulnerable to Arbitrary file upload in the update_user function. Affected products include: Mayurik Best Courier Management System.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Validate file types server-side, store uploads outside webroot, use random filenames, scan for malware.
File Upload vulnerability in Best courier management system in php v.1.0 allows a remote attacker to execute arbitrary c
SQL Injection vulnerability in Best courier management system in php v.1.0 allows a remote attacker to execute arbitrary
A vulnerability classified as critical has been found in SourceCodester Best Courier Management System 1.0. Rated critic
An issue in Best Courier Management System v.1.0 allows a remote attacker to execute arbitrary code and escalate privile
Sourcecodester Best Courier Management System 1.0 is vulnerable to SQL Injection via the parameter id in /edit_staff.php
Sourcecodester Best Courier Management System 1.0 is vulnerable to SQL Injection via the parameter id in /edit_user.php.
Sourcecodester Best Courier Management System 1.0 is vulnerable to SQL Injection via the parameter id in /edit_branch.ph
A vulnerability classified as critical has been found in SourceCodester Best Courier Management System 1.0. Rated high s
A vulnerability was found in SourceCodester Best Courier Management System 1.0. Rated high severity (CVSS 8.8), this vul
A vulnerability was found in SourceCodester Best Courier Management System 1.0. Rated high severity (CVSS 8.8), this vul
A vulnerability has been found in SourceCodester Best Courier Management System 1.0 and classified as problematic. Rated
A vulnerability, which was classified as problematic, was found in SourceCodester Best Courier Management System 1.0. Ra
Same technique File Upload
View allShare
External POC / Exploit Code
Leaving vuln.today