VYPR
Unrated severityNVD Advisory· Published Apr 2, 2024· Updated Feb 27, 2025

Bdtask Multi-Store Inventory Management System Stock Movement Page cross-site request forgery

CVE-2024-3151

Description

A vulnerability, which was classified as problematic, was found in Bdtask Multi-Store Inventory Management System up to 20240325. Affected is an unknown function of the file /stockmovment/stockmovment/delete/ of the component Stock Movement Page. The manipulation leads to cross-site request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-258924. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Affected products

2

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.