Zhaiyi

6 exploits Active since Mar 2021
CVE-2020-35329 EXPLOITDB MEDIUM text WORKING POC
Courier Management System 1.0 - SQL Injection via MULTIPART street Parameter
Courier Management System 1.0 1.0 is affected by SQL Injection via 'MULTIPART street '.
CVSS 6.5
CVE-2020-35328 EXPLOITDB MEDIUM text WRITEUP
Courier Management System 1.0 - Stored Cross-Site Scripting via First Name Field
Courier Management System 1.0 - 'First Name' Stored XSS
CVSS 5.4
CVE-2020-35327 EXPLOITDB MEDIUM text WRITEUP
Courier Management System 1.0 - SQL Injection via ref_no Parameter
SQL injection vulnerability was discovered in Courier Management System 1.0, which can be exploited via the ref_no (POST) parameter to admin_class.php
CVSS 6.5
EIP-2026-106141 EXPLOITDB text WORKING POC
Content Management System 1.0 - 'email' SQL Injection
EIP-2026-106142 EXPLOITDB text WORKING POC
Content Management System 1.0 - 'First Name' Stored XSS
EIP-2026-106143 EXPLOITDB text WORKING POC
Content Management System 1.0 - 'id' SQL Injection