| عنوان | Bdtask Multi-Store Inventory Management System 1.0 Code Injection |
|---|
| الوصف | A remote code execution vulnerability was found in bdtask Multi-Store Inventory Management System 1.0. It affects the function upload() of the file application/modules/dashboard/controllers/Module.php of the component Module Upload Handler.
The manipulation of the argument module leads to remote code execution. The attack may be initiated remotely. Authentication is required.
The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
|
|---|
| المصدر | ⚠️ https://github.com/kevin57545/CVE/blob/main/bdtask-multi-store-rce.md |
|---|
| المستخدم | Kevin57545 (UID 97896) |
|---|
| ارسال | 05/05/2026 12:50 PM (1 شهر منذ) |
|---|
| الاعتدال | 30/05/2026 01:06 PM (25 days later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 367429 [Bdtask Multi-Store Inventory Management System 1.0 Component Module.php upload module تجاوز الصلاحيات] |
|---|
| النقاط | 20 |
|---|