Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
5.5
CVE-2026-9606: itsourcecode Courier Management System 1.0 SQL Injection Risk
CVE-2026-9606
Summary
A security flaw in itsourcecode Courier Management System 1.0 could allow hackers to access sensitive data by manipulating user IDs. This could happen if a hacker exploits a weakness in the system's user management. To stay safe, update the software to the latest version or apply a patch if one is available.
Original title
A vulnerability has been found in itsourcecode Courier Management System 1.0. Impacted is an unknown function of the file /manage_user.php. Such manipulation of the argument ID leads to sql injecti...
Original description
A vulnerability has been found in itsourcecode Courier Management System 1.0. Impacted is an unknown function of the file /manage_user.php. Such manipulation of the argument ID leads to sql injection. The attack may be performed from remote. The exploit has been disclosed to the public and may be used.
nvd CVSS2.0
7.5
nvd CVSS3.1
7.3
nvd CVSS4.0
5.5
Vulnerability type
CWE-74
Injection
CWE-89
SQL Injection
Published: 27 May 2026 · Updated: 15 Jun 2026 · First seen: 27 May 2026