Vulnerability Details CVE-2021-46198
An SQL Injection vulnerability exists in Sourceodester Courier Management System 1.0 via the email parameter in /cms/ajax.php app.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 55.1%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 10.0
References
- https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/oretnom23/2022/Courier-Management-System
- https://www.nu11secur1ty.com/2022/01/courier-management-system-10-sql.html
- https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/oretnom23/2022/Courier-Management-System
- https://www.nu11secur1ty.com/2022/01/courier-management-system-10-sql.html
Products affected by CVE-2021-46198
-
cpe:2.3:a:courier_management_system_project:courier_management_system:1.0