| Название | Bdtask Multi-Store Inventory Management System 1.0 SQL Injection |
|---|
| Описание | A SQL injection vulnerability was found in bdtask Multi-Store Inventory Management System 1.0. It affects the function accounts_report_search() of the file application/modules/accounts/controllers/Accounts.php of the component Accounts Report Handler.
The manipulation of the argument dtpToDate leads to SQL injection. The attack may be initiated remotely. Authentication is required.
The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. |
|---|
| Пользователь | Kevin57545 (UID 97896) |
|---|
| Представление | 04.05.2026 16:28 (1 месяц назад) |
|---|
| Модерация | 30.05.2026 07:54 (26 days later) |
|---|
| Статус | принято |
|---|
| Запись VulDB | 367408 [Bdtask Multi-Store Inventory Management System 1.0 Accounts Report Accounts.php accounts_report_search dtpToDate SQL-инъекция] |
|---|
| Баллы | 17 |
|---|