VYPR

Vendor CVEs

Bdtask

All CVEs

31 total · sorted by risk
  • CVE-2026-10172MedMay 31, 2026
    risk 0.41cvss 6.3epss 0.00

    A security flaw has been discovered in Bdtask Multi-Store Inventory Management System 1.0. The affected element is the function Upload of the file application/modules/dashboard/controllers/Module.php of the component Component Module. The manipulation of the argument module…

  • CVE-2026-1597MedJan 29, 2026
    risk 0.41cvss 6.3epss 0.00

    A vulnerability has been found in Bdtask SalesERP up to 20260116. This issue affects some unknown processing of the component Administrative Endpoint. Such manipulation of the argument ci_session leads to improper authorization. The attack may be performed from remote. The…

  • CVE-2025-13238MedNov 16, 2025
    risk 0.41cvss 6.3epss 0.00

    A weakness has been identified in Bdtask Flight Booking Software 4. Affected by this vulnerability is an unknown functionality of the file /agent/profile/edit of the component Edit Profile Page. This manipulation causes unrestricted upload. The attack may be initiated remotely.…

  • CVE-2025-12223MedOct 27, 2025
    risk 0.41cvss 6.3epss 0.00

    A vulnerability was detected in Bdtask Flight Booking Software up to 3.1. This affects an unknown part of the file /b2c/package-information of the component Package Information Module. The manipulation results in unrestricted upload. The attack can be launched remotely. The…

  • CVE-2025-12222MedOct 27, 2025
    risk 0.41cvss 6.3epss 0.00

    A security vulnerability has been detected in Bdtask Flight Booking Software up to 3.1. Affected by this issue is some unknown functionality of the file /admin/transaction/deposit of the component Deposit Handler. The manipulation leads to unrestricted upload. The attack can be…

  • CVE-2020-37106MedFeb 7, 2026
    risk 0.34cvss 5.3epss 0.00

    Business Live Chat Software 1.0 contains a cross-site request forgery vulnerability that allows attackers to change user account roles without authentication. Attackers can craft a malicious HTML form to modify user privileges by submitting a POST request to the user creation…

  • CVE-2025-40679MedJan 20, 2026
    risk 0.33cvss epss 0.00

    HTML Injection vulnerability in Isshue by Bdtask, consisting os an HTML injection due to a lack os proper validation of user input by sending a POST request to '/category_product_search', affecting the 'product_name' parameter.

  • CVE-2026-10155MedMay 31, 2026
    risk 0.31cvss 4.7epss 0.00

    A vulnerability was found in Bdtask Multi-Store Inventory Management System 1.0. The impacted element is the function accounts_report_search of the file application/modules/accounts/controllers/Accounts.php of the component Accounts Report Handler. Performing a manipulation of…

  • CVE-2025-13185MedNov 14, 2025
    risk 0.31cvss 4.7epss 0.00

    A security flaw has been discovered in Bdtask/CodeCanyon News365 up to 7.0.3. This affects an unknown function of the file /admin/dashboard/profile. The manipulation of the argument profile_image/banner_image results in unrestricted upload. The attack can be launched remotely.…

  • CVE-2025-12287MedOct 27, 2025
    risk 0.31cvss 4.7epss 0.00

    A security vulnerability has been detected in Bdtask Wholesale Inventory Control and Inventory Management System up to 20251013. This impacts an unknown function of the file /Admin_dashboard/edit_profile. Such manipulation of the argument first_name/last_name leads to sql…

  • CVE-2026-1600MedJan 29, 2026
    risk 0.28cvss 4.3epss 0.00

    A vulnerability was identified in Bdtask Bhojon All-In-One Restaurant Management System up to 20260116. The impacted element is an unknown function of the file /hungry/addtocart of the component Add-to-Cart Submission Endpoint. The manipulation of the argument price/allprice…

  • CVE-2026-1599MedJan 29, 2026
    risk 0.28cvss 4.3epss 0.00

    A vulnerability was determined in Bdtask Bhojon All-In-One Restaurant Management System up to 20260116. The affected element is an unknown function of the file /hungry/placeorder of the component Checkout. Executing a manipulation of the argument…

  • CVE-2025-13239MedNov 16, 2025
    risk 0.28cvss 4.3epss 0.00

    A security vulnerability has been detected in Bdtask/CodeCanyon Isshue Multi Store eCommerce Shopping Cart Solution 5. Affected by this issue is some unknown functionality of the file /submit_checkout. Such manipulation of the argument order_total_amount/cart_total_amount leads…

  • CVE-2025-13179MedNov 14, 2025
    risk 0.28cvss 4.3epss 0.00

    A vulnerability has been found in Bdtask/CodeCanyon Wholesale Inventory Control and Inventory Management System up to 20250320. This issue affects some unknown processing. Such manipulation leads to cross-site request forgery. The attack may be performed from remote. The exploit…

  • CVE-2025-13177MedNov 14, 2025
    risk 0.28cvss 4.3epss 0.00

    A vulnerability was detected in Bdtask/CodeCanyon SalesERP up to 20250728. This affects an unknown part. The manipulation results in cross-site request forgery. The attack can be executed remotely. The exploit is now public and may be used. The vendor was contacted early about…

  • CVE-2025-12288MedOct 27, 2025
    risk 0.28cvss 4.3epss 0.00

    A vulnerability was detected in Bdtask Pharmacy Management System up to 9.4. Affected is an unknown function of the file /user/edit_user/ of the component User Profile Handler. Performing manipulation results in authorization bypass. Remote exploitation of the attack is…

  • CVE-2024-2639MedMar 19, 2024
    risk 0.28cvss 4.3epss 0.01

    A vulnerability was found in Bdtask Wholesale Inventory Management System up to 20240311. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to session fixiation. The attack can be launched remotely. The…

  • CVE-2026-1598LowJan 29, 2026
    risk 0.23cvss 3.5epss 0.00

    A vulnerability was found in Bdtask Bhojon All-In-One Restaurant Management System up to 20260116. Impacted is an unknown function of the file /dashboard/home/profile of the component User Information Module. Performing a manipulation of the argument fullname results in cross…

  • CVE-2025-13180LowNov 14, 2025
    risk 0.23cvss 3.5epss 0.00

    A vulnerability was found in Bdtask/CodeCanyon Wholesale Inventory Control and Inventory Management System up to 20250320. Impacted is an unknown function of the file /edit_profile. Performing manipulation of the argument first_name/last_name results in basic cross site…

  • CVE-2025-13178LowNov 14, 2025
    risk 0.23cvss 3.5epss 0.00

    A flaw has been found in Bdtask/CodeCanyon SalesERP up to 20250728. This vulnerability affects unknown code of the file /edit_profile of the component User Profile Handler. This manipulation of the argument first_name/last_name causes basic cross site scripting. The attack is…

  • CVE-2025-13186LowNov 14, 2025
    risk 0.16cvss 2.4epss 0.00

    A weakness has been identified in Bdtask/CodeCanyon Isshue Multi Store eCommerce Shopping Cart Solution up to 4.0. This impacts an unknown function of the file /dashboard/Ccustomer/manage_customer. This manipulation of the argument Search causes cross site scripting. The attack…

  • CVE-2024-2133LowMar 3, 2024
    risk 0.16cvss 2.4epss 0.00

    A vulnerability, which was classified as problematic, was found in Bdtask Isshue Multi Store eCommerce Shopping Cart Solution 4.0. This affects an unknown part of the file /dashboard/Cinvoice/manage_invoice of the component Manage Sale Page. The manipulation of the argument…

  • CVE-2024-2317Mar 8, 2024
    risk 0.00cvss epss 0.01

    A vulnerability was found in Bdtask Hospital AutoManager up to 20240227 and classified as problematic. This issue affects some unknown processing of the file /prescription/prescription/delete/ of the component Prescription Page. The manipulation leads to improper authorization.…

  • CVE-2024-2316Mar 8, 2024
    risk 0.00cvss epss 0.00

    A vulnerability has been found in Bdtask Hospital AutoManager up to 20240227 and classified as problematic. This vulnerability affects unknown code of the file /billing/bill/edit/ of the component Update Bill Page. The manipulation leads to cross-site request forgery. The attack…

  • CVE-2024-2277Mar 8, 2024
    risk 0.00cvss epss 0.00

    A vulnerability was found in Bdtask G-Prescription Gynaecology & OBS Consultation Software 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /Setting/change_password_save of the component Password Reset Handler. The manipulation…

  • CVE-2024-2276Mar 8, 2024
    risk 0.00cvss epss 0.00

    A vulnerability has been found in Bdtask G-Prescription Gynaecology & OBS Consultation Software 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /Venue_controller/edit_venue/ of the component Edit Venue Page. The…

  • CVE-2024-2275Mar 8, 2024
    risk 0.00cvss epss 0.00

    A vulnerability, which was classified as problematic, was found in Bdtask G-Prescription Gynaecology & OBS Consultation Software 1.0. Affected is an unknown function of the component OBS Patient/Gynee Prescription. The manipulation of the argument Patient Title/Full…

  • CVE-2024-2274Mar 8, 2024
    risk 0.00cvss epss 0.00

    A vulnerability, which was classified as problematic, has been found in Bdtask G-Prescription Gynaecology & OBS Consultation Software 1.0. This issue affects some unknown processing of the file /Home/Index of the component Prescription Dashboard. The manipulation of the argument…

  • CVE-2024-2135Mar 3, 2024
    risk 0.00cvss epss 0.01

    A vulnerability was found in Bdtask Hospita AutoManager up to 20240223 and classified as problematic. This issue affects some unknown processing of the file /hospital_activities/birth/form of the component Hospital Activities Page. The manipulation of the argument Description…

  • CVE-2024-2134Mar 3, 2024
    risk 0.00cvss epss 0.00

    A vulnerability has been found in Bdtask Hospita AutoManager up to 20240223 and classified as problematic. This vulnerability affects unknown code of the file /investigation/delete/ of the component Investigation Report Handler. The manipulation leads to cross-site request…

  • CVE-2024-1749Feb 22, 2024
    risk 0.00cvss epss 0.00

    A vulnerability, which was classified as problematic, has been found in Bdtask Bhojon Best Restaurant Management Software 2.9. This issue affects some unknown processing of the file /dashboard/message of the component Message Page. The manipulation of the argument Title leads to…