5 matches found
CVE-2022-28991
CVE-2022-28991 affects Multi Store Inventory Management System v1.0. The described vulnerability is an information disclosure that could allow attackers to access sensitive files. The provided documents do not specify the root cause, exploit details, or a remediation/fix. No exploitation status i...
CVE-2024-2997
CVE-2024-2997 affects the Bdtask Multi-Store Inventory Management System (up to 20240320). The vulnerability is a cross-site scripting flaw triggered by manipulating the arguments Category Name, Model Name, Brand Name, or Unit Name, allowing remote exploitation and arbitrary script execution with...
CVE-2024-2996
CVE-2024-2996 affects the Bdtask Multi-Store Inventory Management System (versions up to 20240320). The vulnerability lies in the Page Title Handler component, where manipulation can cause cross-site scripting (XSS) . It is exploitable remotely and, per disclosures, the exploit has been public. S...
CVE-2022-28993
The CVE-2022-28993 entry concerns Multi Store Inventory Management System v1.0 with an authorization issue that enables account takeover via a crafted POST request. Affected component is the web application’s access control logic; root cause is not explicitly detailed across sources, but multiple...
CVE-2024-2998
The CVE-2024-2998 entry concerns the Bdtask Multi-Store Inventory Management System (up to 20240320). The vulnerability affects the Store Update Page where manipulating the Store Name/Store Address parameter can trigger cross-site scripting (XSS). The issue is described as exploitable remotely an...