CVE Details
Basic Information
| Title | 1000 Projects ABC Courier Management System getbyid.php sql injection |
|---|---|
| Type | cve |
| Published | 2025-07-26T09:32:05.559Z |
| Modified | 2025-07-26T09:32:05.559Z |
Product Information
| Vendor | 1000 Projects |
|---|---|
| Product | ABC Courier Management System |
| Version | 1.0 |
CVSS Information
| Base Score | 6.9 (MEDIUM) |
|---|---|
| Attack Vector | CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P |
AI Analysis
| AI Description | A SQL injection vulnerability in the ABC Courier Management System allows remote attackers to inject malicious SQL code via the ID argument in getbyid.php. This could lead to unauthorized data access and manipulation. The vulnerability is considered critical and has been publicly disclosed. |
|---|---|
| AI Severity | Medium |
| AI Vendor | 1000 Projects |
| AI Product | ABC Courier Management System |
| AI Version | 1.0 |
Affected Products
- 1000 Projects ABC Courier Management System 1.0
Additional Information
| CWE List | CWE-89, CWE-74 |
|---|---|
| Source | VulDB |
Description
A vulnerability was found in 1000 Projects ABC Courier Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /getbyid.php. The manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.