Zhaiyi (Zeo)

3 exploits Active since Mar 2021
CVE-2020-35329 EXPLOITDB MEDIUM text WORKING POC
Courier Management System 1.0 - SQL Injection via MULTIPART street Parameter
Courier Management System 1.0 1.0 is affected by SQL Injection via 'MULTIPART street '.
CVSS 6.5
CVE-2020-35328 EXPLOITDB MEDIUM text WRITEUP
Courier Management System 1.0 - Stored Cross-Site Scripting via First Name Field
Courier Management System 1.0 - 'First Name' Stored XSS
CVSS 5.4
CVE-2020-35327 EXPLOITDB MEDIUM text WRITEUP
Courier Management System 1.0 - SQL Injection via ref_no Parameter
SQL injection vulnerability was discovered in Courier Management System 1.0, which can be exploited via the ref_no (POST) parameter to admin_class.php
CVSS 6.5