262 matches found
CVE-2026-1598
CVE-2026-1598 affects Bdtask Bhojon All-In-One Restaurant Management System (up to 20260116). The vulnerability lies in the User Information Module, specifically the /dashboard/home/profile function, where manipulating the fullname argument triggers cross-site scripting. The issue is exploitable ...
CVE-2026-1597 Bdtask SalesERP Administrative Endpoint improper authorization
A vulnerability has been found in Bdtask SalesERP up to 20260116. This issue affects some unknown processing of the component Administrative Endpoint. Such manipulation of the argument cisession leads to improper authorization. The attack may be performed from remote. The exploit has been disclos...
CVE-2026-1597
A vulnerability has been found in Bdtask SalesERP up to 20260116. This issue affects some unknown processing of the component Administrative Endpoint. Such manipulation of the argument cisession leads to improper authorization. The attack may be performed from remote. The exploit has been disclos...
EUVD-2026-4955
A vulnerability has been found in Bdtask SalesERP up to 20260116. This issue affects some unknown processing of the component Administrative Endpoint. Such manipulation of the argument cisession leads to improper authorization. The attack may be performed from remote. The exploit has been disclos...
CVE-2026-1597 Bdtask SalesERP Administrative Endpoint improper authorization
A vulnerability has been found in Bdtask SalesERP up to 20260116. This issue affects some unknown processing of the component Administrative Endpoint. Such manipulation of the argument cisession leads to improper authorization. The attack may be performed from remote. The exploit has been disclos...
CVE-2026-1597
CVE-2026-1597 affects Bdtask SalesERP (
PT-2026-5308
A vulnerability has been found in Bdtask SalesERP up to 20260116. This issue affects some unknown processing of the component Administrative Endpoint. Such manipulation of the argument ci session leads to improper authorization. The attack may be performed from remote. The exploit has been...
PT-2026-5325
Name of the Vulnerable Software and Affected Versions Bdtask Bhojon All-In-One Restaurant Management System versions prior to 20260117 Description A business logic error exists in the Add-to-Cart Submission Endpoint. The backend accepts user-controlled pricing values without validating them again...
Bdtask Bhojon All-In-One Restaurant Management System: Code Injection Vulnerability
Bdtask Bhojon All-In-One Restaurant Management System is a restaurant management system developed by the Bangladeshi company Bdtask. The versions of the Bdtask Bhojon All-In-One Restaurant Management System prior to 20260116 contained a code injection vulnerability. This vulnerability stemmed fro...
Bdtask Bhojon All-In-One Restaurant Management System has security vulnerabilities.
Bdtask Bhojon All-In-One Restaurant Management System is a restaurant management system developed by the Bangladeshi company Bdtask. The versions of the Bdtask Bhojon All-In-One Restaurant Management System prior to version 20260116 contained security vulnerabilities. These vulnerabilities were...
Bdtask Bhojon All-In-One Restaurant Management System has security vulnerabilities.
Bdtask Bhojon All-In-One Restaurant Management System is a restaurant management system developed by the Bangladeshi company Bdtask. Versions of the Bdtask Bhojon All-In-One Restaurant Management System prior to version 20260116 contained security vulnerabilities. These vulnerabilities were cause...
PT-2026-5315
A vulnerability was determined in Bdtask Bhojon All-In-One Restaurant Management System up to 20260116. The affected element is an unknown function of the file /hungry/placeorder of the component Checkout. Executing a manipulation of the argument orggrandTotal/vat/service charge/grandtotal can le...
CVE-2025-40679
HTML Injection vulnerability in Isshue by Bdtask, consisting os an HTML injection due to a lack os proper validation of user input by sending a POST request to '/categoryproductsearch', affecting the 'productname' parameter...
CVE-2025-40679
HTML Injection vulnerability in Isshue by Bdtask, consisting os an HTML injection due to a lack os proper validation of user input by sending a POST request to '/categoryproductsearch', affecting the 'productname' parameter...
CVE-2025-40679
CVE-2025-40679 describes an HTML injection in Isshue by Bdtask resulting from insufficient validation of the product_name input in a POST to /category_product_search (or variant paths in connected records). Affected component is the Isshue module of Bdtask software; root cause is improper input v...
CVE-2025-40679
HTML Injection vulnerability in Isshue by Bdtask, consisting os an HTML injection due to a lack os proper validation of user input by sending a POST request to '/categoryproductsearch', affecting the 'productname' parameter...
CVE-2025-40679 HTML injection in Isshue from Bdtask
HTML Injection vulnerability in Isshue by Bdtask, consisting os an HTML injection due to a lack os proper validation of user input by sending a POST request to '/categoryproductsearch', affecting the 'productname' parameter...
CVE-2025-40679 HTML injection in Isshue from Bdtask
HTML Injection vulnerability in Isshue by Bdtask, consisting os an HTML injection due to a lack os proper validation of user input by sending a POST request to '/categoryproductsearch', affecting the 'productname' parameter...
PT-2026-3552
HTML Injection vulnerability in Isshue by Bdtask, consisting os an HTML injection due to a lack os proper validation of user input by sending a POST request to '/category product search', affecting the 'product name' parameter...
Bdtask Isshue Cross-Site Script Vulnerability
Bdtask Isshue is a multi-store e-commerce shopping cart software developed by Bdtask Inc. Bdtask Isshue has a cross-site scripting vulnerability. This vulnerability stems from insufficient validation of the productname parameter in POST requests sent to /categoryproductsearch, which may lead to...