| Título | Bdtask Multi-Store Inventory Management System 1.0 Code Injection |
|---|
| Descrição | A remote code execution vulnerability was found in bdtask Multi-Store Inventory Management System 1.0. It affects the function upload() of the file application/modules/dashboard/controllers/Module.php of the component Module Upload Handler.
The manipulation of the argument module leads to remote code execution. The attack may be initiated remotely. Authentication is required.
The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
|
|---|
| Fonte | ⚠️ https://github.com/kevin57545/CVE/blob/main/bdtask-multi-store-rce.md |
|---|
| Utilizador | Kevin57545 (UID 97896) |
|---|
| Submissão | 05/05/2026 12h50 (há 30 dias) |
|---|
| Moderação | 30/05/2026 13h06 (25 days later) |
|---|
| Estado | Aceite |
|---|
| Entrada VulDB | 367429 [Bdtask Multi-Store Inventory Management System 1.0 Component Module.php upload module Elevação de Privilégios] |
|---|
| Pontos | 20 |
|---|