6 matches found
EUVD-2022-33423
Malicious code in bioql PyPI...
PT-2024-23175 · Unknown · Bdtask Multi-Store Inventory Management System
Name of the Vulnerable Software and Affected Versions: Bdtask Multi-Store Inventory Management System versions up to 20240320 Description: A problematic issue was found in the Store Update Page component of the Bdtask Multi-Store Inventory Management System. The manipulation of the Store Name and...
Cross site request forgery (csrf)
Multi Store Inventory Management System v1.0 allows attackers to perform an account takeover via a crafted POST request...
CVE-2022-28993
The CVE-2022-28993 entry concerns Multi Store Inventory Management System v1.0 with an authorization issue that enables account takeover via a crafted POST request. Affected component is the web application’s access control logic; root cause is not explicitly detailed across sources, but multiple...
CVE-2022-28991
CVE-2022-28991 affects Multi Store Inventory Management System v1.0. The described vulnerability is an information disclosure that could allow attackers to access sensitive files. The provided documents do not specify the root cause, exploit details, or a remediation/fix. No exploitation status i...
CVE-2020-36012
The CVE-2020-36012 entry concerns BDTASK Multi-Store Inventory Management System 1.0, where a stored XSS vulnerability exists in the Customer Name Field. According to connected records, a local administrator can inject arbitrary code through this field, indicating improper input handling and pers...