CVE-2026-10172 | Bdtask Multi-Store Inventory Management System 1.0 Component Module.php upload module unrestricted upload

Inserito da Angelo Barbosa | Mag 30, 2026 | CVE

A vulnerability described as critical has been identified in Bdtask Multi-Store Inventory Management System 1.0. The affected element is the function Upload of the file application/modules/dashboard/controllers/Module.php of the component Component Module. The manipulation of the argument module results in unrestricted upload.

This vulnerability was named CVE-2026-10172. The attack may be performed from remote. In addition, an exploit is available.

CVE-2026-10172 | Bdtask Multi-Store Inventory Management System 1.0 Component Module.php upload module unrestricted upload

Post correlati

CVE-2023-38271 | IBM Cloud Pak System up to 2.3.3.7 iFix1 log file

CVE-2025-12330 | Willow CMS up to 1.4.0 Add Post Page /admin/articles/add title/body cross site scripting (Issue 131)

CVE-2022-49717 | Linux Kernel up to 5.18.5 of_find_node_by_phandle reference count

CVE-2025-27516 | Pallets Jinja up to 3.1.5 special elements used in a template engine