Platform
php
Component
vulnerability-report
Fixed in
1.0.1
CVE-2026-5330 is an improper access control vulnerability affecting SourceCodester's Best Courier Management System version 1.0. The flaw allows attackers to manipulate the 'ID' parameter of the /ajax.php?action=delete_user endpoint, potentially leading to unauthorized deletion of user accounts. The vulnerability is remotely exploitable and a public proof-of-concept exists, which makes remediation urgent.
Successful exploitation of CVE-2026-5330 allows an attacker to delete user accounts within the Best Courier Management System without proper authorization. This can disrupt operations, compromise sensitive data associated with those accounts (e.g., delivery information, contact details), and potentially grant the attacker administrative access if they delete a privileged user. The public availability of a proof-of-concept significantly increases the risk of widespread exploitation, particularly against systems with weak security configurations or those not actively monitored for intrusion attempts. The blast radius extends to all users of the affected system, as any user account could be targeted for deletion.
CVE-2026-5330 is publicly known and a proof-of-concept exploit is available, indicating a high likelihood of exploitation. The vulnerability was disclosed on 2026-04-02. Its inclusion in public exploit repositories suggests active scanning and potential targeting by malicious actors. The CVSS score of 6.5 (Medium) reflects the potential impact and ease of exploitation.
Organizations utilizing Best Courier Management System version 1.0, particularly those with limited security expertise or those hosting the system on shared hosting environments, are at significant risk. Systems with default configurations or those lacking regular security updates are especially vulnerable to exploitation.
• generic web: Use curl to test the /ajax.php?action=delete_user endpoint with various 'ID' parameters. Look for successful deletion responses without proper authentication.
  curl 'http://your-target/ajax.php?action=delete_user&id=1'
• php: Examine the /ajax.php file for missing or inadequate access control checks before deleting users. Search for code patterns that directly use the 'ID' parameter without validation.
• generic web: Monitor web server access logs for requests to /ajax.php?action=delete_user originating from unusual IP addresses or containing suspicious 'ID' values.
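A log sweep for the monitoring step above, added here as an example and not part of the original advisory or the vendor's code: it parses combined-format access-log lines, extracts every call to /ajax.php?action=delete_user, flags non-numeric IDs and tool-driven requests that carry no Referer, and reports sources that walk through many IDs. The log format, the sample lines and the IP addresses are constructed assumptions.

```python
import re
from collections import Counter
from urllib.parse import parse_qs, urlsplit

# Combined log format (Apache/nginx default); assumed, adjust if your server logs differently.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "(?P<referer>[^"]*)" "[^"]*"$'
)

# Constructed sample lines: one source walks user IDs with curl, one browser deletion, one probe.
SAMPLE_LOG = """\
203.0.113.7 - - [02/Apr/2026:10:00:01 +0000] "GET /ajax.php?action=delete_user&id=1 HTTP/1.1" 200 17 "-" "curl/8.5.0"
203.0.113.7 - - [02/Apr/2026:10:00:02 +0000] "GET /ajax.php?action=delete_user&id=2 HTTP/1.1" 200 17 "-" "curl/8.5.0"
203.0.113.7 - - [02/Apr/2026:10:00:03 +0000] "GET /ajax.php?action=delete_user&id=3 HTTP/1.1" 200 17 "-" "curl/8.5.0"
198.51.100.4 - - [02/Apr/2026:10:05:00 +0000] "POST /ajax.php?action=delete_user HTTP/1.1" 200 17 "https://courier.example/users.php" "Mozilla/5.0"
192.0.2.9 - - [02/Apr/2026:10:07:00 +0000] "GET /ajax.php?action=delete_user&id=abc HTTP/1.1" 500 0 "-" "python-requests/2.31"
"""


def delete_user_events(log_text):
    """Extract each request to /ajax.php?action=delete_user with its ID value and review flags."""
    events = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # unparseable line: skip rather than abort the sweep
        url = urlsplit(m["target"])
        # PHP reads $_GET keys case-sensitively; the advisory writes 'ID', the curl check uses 'id'.
        qs = {k.lower(): v[0] for k, v in parse_qs(url.query).items()}
        if url.path != "/ajax.php" or qs.get("action") != "delete_user":
            continue
        user_id = qs.get("id")
        flags = []
        if user_id is None:
            flags.append("id_not_in_query")   # POST body is not logged; check application logs
        elif not user_id.isdigit():
            flags.append("non_numeric_id")    # the app expects an integer; anything else is tampering
        if m["referer"] == "-":
            flags.append("no_referer")        # direct tool call rather than a click in the app UI
        events.append({"ip": m["ip"], "ts": m["ts"], "method": m["method"],
                       "id": user_id, "status": m["status"], "flags": flags})
    return events


def burst_sources(events, threshold=3):
    """IPs issuing at least `threshold` delete_user requests: the ID-walking pattern to alert on."""
    counts = Counter(e["ip"] for e in events)
    return {ip for ip, n in counts.items() if n >= threshold}
```

Feed the real access log to delete_user_events and review anything with flags or listed by burst_sources; the threshold of 3 is a tunable assumption.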
disclosure
Exploit status
EPSS
0.05% (percentile 16%)
CISA SSVC
CVSS vector
The primary mitigation for CVE-2026-5330 is to upgrade to a patched version of Best Courier Management System. Since a fixed version is not specified, consider reverting to a previous, known-stable version if upgrading causes compatibility issues. As a temporary workaround, implement strict access controls on the /ajax.php?action=delete_user endpoint, requiring authentication and authorization checks before allowing user deletion. Web application firewalls (WAFs) can be configured to block requests with suspicious 'ID' parameter values. Monitor access logs for unusual deletion activity and implement intrusion detection systems (IDS) to alert on potential exploitation attempts.
Update to a patched version of the courier management system. Contact the vendor for a corrected version or implement appropriate access controls for the user deletion function in the /ajax.php file.
CVE-2026-5330 is a medium-severity vulnerability in Best Courier Management System version 1.0 that allows attackers to delete user accounts by manipulating the 'ID' parameter in a specific endpoint.
If you are using Best Courier Management System version 1.0, you are potentially affected by this vulnerability. Upgrade to a patched version as soon as possible.
The recommended fix is to upgrade to a patched version of Best Courier Management System. If upgrading is not immediately possible, implement temporary workarounds like access control restrictions and WAF rules.
Due to the public availability of a proof-of-concept, CVE-2026-5330 is likely being actively exploited or targeted by malicious actors.
Refer to the SourceCodester website or relevant security forums for the official advisory regarding CVE-2026-5330 in Best Courier Management System.