CVE-2026-7076

HIGH CVSS 7.3 View on NVD ↗

Description

A vulnerability was determined in itsourcecode Courier Management System 1.0. Impacted is an unknown function of the file /edit_branch.php. Executing a manipulation of the argument ID can lead to sql injection. It is possible to launch the attack remotely. The exploit has been publicly disclosed and may be utilized.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

References

https://github.com/Beatriz-ai-boop/cve/issues/5
https://itsourcecode.com/
https://vuldb.com/submit/799546
https://vuldb.com/vuln/359651
https://vuldb.com/vuln/359651/cti

Published: Apr 27, 2026 02:16 UTC Modified: Apr 27, 2026 18:39 UTC