VYPR

Saleserp

by Bdtask

CVEs (3)

  • CVE-2026-1597MedJan 29, 2026
    risk 0.41cvss 6.3epss 0.00

    A vulnerability has been found in Bdtask SalesERP up to 20260116. This issue affects some unknown processing of the component Administrative Endpoint. Such manipulation of the argument ci_session leads to improper authorization. The attack may be performed from remote. The…

  • CVE-2025-13177MedNov 14, 2025
    risk 0.28cvss 4.3epss 0.00

    A vulnerability was detected in Bdtask/CodeCanyon SalesERP up to 20250728. This affects an unknown part. The manipulation results in cross-site request forgery. The attack can be executed remotely. The exploit is now public and may be used. The vendor was contacted early about…

  • CVE-2025-13178LowNov 14, 2025
    risk 0.23cvss 3.5epss 0.00

    A flaw has been found in Bdtask/CodeCanyon SalesERP up to 20250728. This vulnerability affects unknown code of the file /edit_profile of the component User Profile Handler. This manipulation of the argument first_name/last_name causes basic cross site scripting. The attack is…