| Título | Bdtask Multi-Store Inventory Management System 1.0 Code Injection |
|---|
| Descripción | A remote code execution vulnerability was found in bdtask Multi-Store Inventory Management System 1.0. It affects the function upload() of the file application/modules/dashboard/controllers/Module.php of the component Module Upload Handler.
The manipulation of the argument module leads to remote code execution. The attack may be initiated remotely. Authentication is required.
The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
|
|---|
| Fuente | ⚠️ https://github.com/kevin57545/CVE/blob/main/bdtask-multi-store-rce.md |
|---|
| Usuario | Kevin57545 (UID 97896) |
|---|
| Sumisión | 2026-05-05 12:50 (hace 1 mes) |
|---|
| Moderación | 2026-05-30 13:06 (25 days later) |
|---|
| Estado | Aceptado |
|---|
| Entrada de VulDB | 367429 [Bdtask Multi-Store Inventory Management System 1.0 Component Module.php upload module escalada de privilegios] |
|---|
| Puntos | 20 |
|---|