Lucene search
K

6 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-33423

Malicious code in bioql PyPI...

9.8CVSS9.4AI score0.01577EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2024/03/27 12:0 a.m.4 views

PT-2024-23175 · Unknown · Bdtask Multi-Store Inventory Management System

Name of the Vulnerable Software and Affected Versions: Bdtask Multi-Store Inventory Management System versions up to 20240320 Description: A problematic issue was found in the Store Update Page component of the Bdtask Multi-Store Inventory Management System. The manipulation of the Store Name and...

5.4CVSS3.3AI score0.00546EPSS
Exploits1References8
Prion
Prion
added 2022/05/20 1:15 p.m.16 views

Cross site request forgery (csrf)

Multi Store Inventory Management System v1.0 allows attackers to perform an account takeover via a crafted POST request...

7.5CVSS9.1AI score0.01577EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2022/05/20 12:53 p.m.60 views

CVE-2022-28993

The CVE-2022-28993 entry concerns Multi Store Inventory Management System v1.0 with an authorization issue that enables account takeover via a crafted POST request. Affected component is the web application’s access control logic; root cause is not explicitly detailed across sources, but multiple...

9.8CVSS9.2AI score0.01577EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2022/05/20 12:53 p.m.66 views

CVE-2022-28991

CVE-2022-28991 affects Multi Store Inventory Management System v1.0. The described vulnerability is an information disclosure that could allow attackers to access sensitive files. The provided documents do not specify the root cause, exploit details, or a remediation/fix. No exploitation status i...

7.5CVSS7.2AI score0.01391EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2021/01/27 12:11 p.m.40 views

CVE-2020-36012

The CVE-2020-36012 entry concerns BDTASK Multi-Store Inventory Management System 1.0, where a stored XSS vulnerability exists in the Customer Name Field. According to connected records, a local administrator can inject arbitrary code through this field, indicating improper input handling and pers...

4.8CVSS5AI score0.00558EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder