Submit #819418: Bdtask Multi-Store Inventory Management System 1.0 Code Injectioninfo

TitleBdtask Multi-Store Inventory Management System 1.0 Code Injection
DescriptionA remote code execution vulnerability was found in bdtask Multi-Store Inventory Management System 1.0. It affects the function upload() of the file application/modules/dashboard/controllers/Module.php of the component Module Upload Handler. The manipulation of the argument module leads to remote code execution. The attack may be initiated remotely. Authentication is required. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Source⚠️ https://github.com/kevin57545/CVE/blob/main/bdtask-multi-store-rce.md
User
 Kevin57545 (UID 97896)
Submission05/05/2026 12:50 (2 months ago)
Moderation05/30/2026 13:06 (25 days later)
StatusAccepted
VulDB entry367429 [Bdtask Multi-Store Inventory Management System 1.0 Component Module.php upload module unrestricted upload]
Points20

Do you want to use VulDB in your project?

Use the official API to access entries easily!