SQL Injection Vulnerability in 1000 Projects ABC Courier Management System
CVE-2025-8173

7.3HIGH

Key Information:

Vendor: 1000 Projects
Status: ABC Courier Management System
Vendor: CVE Published:; 25 July 2025

🔔 Create 1000 Projects Vulnerability Alert

What is CVE-2025-8173?

A security flaw exists in the 1000 Projects ABC Courier Management System version 1.0, specifically within the /Add_reciver.php functionality. This vulnerability allows for SQL injection through manipulation of the 'reciver_name' argument. Attackers can exploit this weakness remotely, making it essential for users to address the issue. The vulnerability details have been publicly disclosed, highlighting its potential for exploitation.

References

https://1000projects.org/

https://github.com/Pick-program/CVE/issues/2

https://vuldb.com/?ctiid.317587

CVSS V3.1

Score:

7.3

Severity:

HIGH

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 25, 2025