A SQL injection vulnerability has been discovered in itsourcecode Courier Management System version 1.0. The vulnerability affects an unknown function in the /manage_user.php file, where manipulation of the ID argument leads to SQL injection. The attack can be performed remotely and the exploit has been publicly disclosed, making it available for use by attackers. This represents a significant security risk for systems running this courier management software.