Lucene search
K

4650 matches found

ATTACKERKB
ATTACKERKB
added 2026/05/31 6:45 a.m.14 views

CVE-2026-10172

A security flaw has been discovered in Bdtask Multi-Store Inventory Management System 1.0. The affected element is the function Upload of the file application/modules/dashboard/controllers/Module.php of the component Component Module. The manipulation of the argument module results in unrestricte...

6.5CVSS5.5AI score0.00206EPSS
Exploits0References5Affected Software1
EUVD
EUVD
added 2026/05/31 6:45 a.m.12 views

EUVD-2026-33492

A security flaw has been discovered in Bdtask Multi-Store Inventory Management System 1.0. The affected element is the function Upload of the file application/modules/dashboard/controllers/Module.php of the component Component Module. The manipulation of the argument module results in unrestricte...

6.5CVSS6.3AI score0.00206EPSS
Exploits0References5
CVE
CVE
added 2026/05/31 6:45 a.m.21 views

CVE-2026-10172

The CVE-2026-10172 entry concerns Bdtask Multi-Store Inventory Management System 1.0. The vulnerability lies in the Upload function of the file application/modules/dashboard/controllers/Module.php within the Module component, where manipulating the module argument yields unrestricted file upload....

6.5CVSS6.3AI score0.00206EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/05/31 6:45 a.m.10 views

CVE-2026-10172 Bdtask Multi-Store Inventory Management System Component Module.php upload unrestricted upload

A security flaw has been discovered in Bdtask Multi-Store Inventory Management System 1.0. The affected element is the function Upload of the file application/modules/dashboard/controllers/Module.php of the component Component Module. The manipulation of the argument module results in unrestricte...

6.5CVSS5.5AI score0.00206EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/05/31 6:45 a.m.40 views

CVE-2026-10172 Bdtask Multi-Store Inventory Management System Component Module.php upload unrestricted upload

A security flaw has been discovered in Bdtask Multi-Store Inventory Management System 1.0. The affected element is the function Upload of the file application/modules/dashboard/controllers/Module.php of the component Component Module. The manipulation of the argument module results in unrestricte...

6.5CVSS0.00206EPSS
Exploits0References5
NVD
NVD
added 2026/05/31 12:16 a.m.14 views

CVE-2026-10155

A vulnerability was found in Bdtask Multi-Store Inventory Management System 1.0. The impacted element is the function accountsreportsearch of the file application/modules/accounts/controllers/Accounts.php of the component Accounts Report Handler. Performing a manipulation of the argument dtpToDat...

5.8CVSS0.00206EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/31 12:0 a.m.11 views

Bdtask Multi-Store Inventory Management System SQL注入漏洞

The Bdtask Multi-Store Inventory Management System is an inventory management system developed by the Bdtask company in Bangladesh. Version 1.0 of the Bdtask Multi-Store Inventory Management System has a SQL injection vulnerability. This vulnerability arises from the accountsreportsearch function...

5.8CVSS5.9AI score0.00206EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/31 12:0 a.m.9 views

Bdtask Multi-Store Inventory Management System 代码问题漏洞

Bdtask Multi-Store Inventory Management System is an inventory management system for multiple stores developed by the Bangladeshi company Bdtask. Version 1.0 of the Bdtask Multi-Store Inventory Management System has code vulnerabilities. These vulnerabilities stem from the parameter module in the...

6.5CVSS6.7AI score0.00206EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/05/30 11:30 p.m.8 views

CVE-2026-10155

A vulnerability was found in Bdtask Multi-Store Inventory Management System 1.0. The impacted element is the function accountsreportsearch of the file application/modules/accounts/controllers/Accounts.php of the component Accounts Report Handler. Performing a manipulation of the argument dtpToDat...

5.8CVSS5.7AI score0.00206EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/30 12:0 a.m.13 views

PT-2026-45141

A vulnerability was found in Bdtask Multi-Store Inventory Management System 1.0. The impacted element is the function accounts report search of the file application/modules/accounts/controllers/Accounts.php of the component Accounts Report Handler. Performing a manipulation of the argument...

5.8CVSS5.7AI score0.00206EPSS
Exploits0References5
OSV
OSV
added 2026/05/29 10:9 p.m.10 views

GHSA-XW54-C3MX-9PM3 Admidio: Any logged-in user can delete inventory fields via `mode=field_delete` — incomplete fix of #2024

Summary Commit d37ca6b27b9674238e58491cf7ba292e66898f15 "Delete item not check admin rights 2024", 2026-04-12 added a missing isAdministratorInventory gate to case 'itemdelete': in modules/inventory.php. The same fix was not applied to the sibling case 'fielddelete': handler, which destroys an...

6.5CVSS5.8AI score0.00029EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/05/29 10:9 p.m.24 views

Admidio: Any logged-in user can delete inventory fields via `mode=field_delete` — incomplete fix of #2024

Summary Commit d37ca6b27b9674238e58491cf7ba292e66898f15 "Delete item not check admin rights 2024", 2026-04-12 added a missing isAdministratorInventory gate to case 'itemdelete': in modules/inventory.php. The same fix was not applied to the sibling case 'fielddelete': handler, which destroys an...

5.8AI score0.00029EPSS
Exploits0References2Affected Software1
Snyk
Snyk
added 2026/05/29 10:9 p.m.11 views

Sequence of Processor Instructions Leads to Unexpected Behavior

Overview admidio/admidio is a free open source user management system for websites of organizations and groups. Affected versions of this package are vulnerable to Sequence of Processor Instructions Leads to Unexpected Behavior through the fielddelete process. An attacker can permanently remove...

7.1CVSS5.8AI score0.00029EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/29 12:0 a.m.8 views

shopper 安全漏洞

Shopper is an open-source e-commerce management backend developed by Shopper Labs. Versions of Shopper prior to 2.8.0 contained security vulnerabilities. These vulnerabilities stemmed from the Livewire component in the product editor, which lacked authorization for the store method. Any...

6.5CVSS5.8AI score0.00221EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/29 12:0 a.m.22 views

PT-2026-45043

Summary Commit d37ca6b27b9674238e58491cf7ba292e66898f15 "Delete item not check admin rights 2024", 2026-04-12 added a missing isAdministratorInventory gate to case 'item delete': in modules/inventory.php. The same fix was not applied to the sibling case 'field delete': handler, which destroys an...

6.5CVSS5.8AI score0.00029EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/05/26 8:15 p.m.12 views

CVE-2026-9445

A flaw has been found in SourceCodester Simple POS and Inventory System 1.0. Impacted is an unknown function of the file /admin/addproduct.php of the component File Extension Handler. This manipulation of the argument image causes unrestricted upload. Remote exploitation of the attack is possible...

6.5CVSS6.2AI score0.00261EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/05/26 8:15 p.m.14 views

CVE-2026-9444

A vulnerability was detected in SourceCodester Simple POS and Inventory System 1.0. This issue affects the function delete of the file /admin/deleteproduct.php of the component GET Parameter Handler. The manipulation of the argument ID results in sql injection. The attack may be launched remotely...

5.8CVSS5.7AI score0.00258EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/05/26 8:14 p.m.16 views

CVE-2026-9302

A vulnerability was determined in 546669204 vps-inventory-monitoring up to 98c00b370668c96ae75e91c15548d9ea113652d9. This issue affects the function eval of the file app/index/command/VpsTest.php of the component VpsTest Console. Executing a manipulation of the argument vf can lead to code...

6.5CVSS6.3AI score0.00237EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/05/26 8:14 p.m.16 views

CVE-2026-9447

A vulnerability was found in SourceCodester Simple POS and Inventory System 1.0. The impacted element is an unknown function of the file /user/search.php. Performing a manipulation of the argument Name results in sql injection. The attack is possible to be carried out remotely. The exploit has be...

7.5CVSS6.9AI score0.00319EPSS
Exploits0References1
NVD
NVD
added 2026/05/25 11:16 a.m.21 views

CVE-2026-9447

A vulnerability was found in SourceCodester Simple POS and Inventory System 1.0. The impacted element is an unknown function of the file /user/search.php. Performing a manipulation of the argument Name results in sql injection. The attack is possible to be carried out remotely. The exploit has be...

7.5CVSS0.00319EPSS
Exploits0References5
Rows per page
Query Builder