| tiêu đề | Bdtask Multi-Store Inventory Management System 1.0 SQL Injection |
|---|
| Mô tả | A SQL injection vulnerability was found in bdtask Multi-Store Inventory Management System 1.0. It affects the function accounts_report_search() of the file application/modules/accounts/controllers/Accounts.php of the component Accounts Report Handler.
The manipulation of the argument dtpToDate leads to SQL injection. The attack may be initiated remotely. Authentication is required.
The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. |
|---|
| Người dùng | Kevin57545 (UID 97896) |
|---|
| Đệ trình | 04/05/2026 16:28 (cách đây 1 tháng) |
|---|
| Kiểm duyệt | 30/05/2026 07:54 (26 days later) |
|---|
| Trạng thái | được chấp nhận |
|---|
| Mục VulDB | 367408 [Bdtask Multi-Store Inventory Management System 1.0 Accounts Report Accounts.php accounts_report_search dtpToDate Tiêm SQL] |
|---|
| điểm | 17 |
|---|