Bdtask Multi-Store Inventory Management System Accounts Report Accounts.php accounts_report

5.1 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

Description

A vulnerability was found in Bdtask Multi-Store Inventory Management System 1.0. The impacted element is the function accounts_report_search of the file application/modules/accounts/controllers/Accounts.php of the component Accounts Report Handler. Performing a manipulation of the argument dtpToDate results in sql injection. The attack is possible to be carried out remotely. The exploit has been made public and could be used.

Basic Information

ID CVE-2026-10155

Source VulDB

Published May 30, 2026 at 23:30

Affected Product

Vendor Bdtask

Product Multi-Store Inventory Management System

Version 1.0

Affected Versions Bdtask Multi-Store Inventory Management System 1.0

CWE Classification

CWE-89 CWE-74

References

{
    "lastseen": "",
    "description": "A vulnerability was found in Bdtask Multi-Store Inventory Management System 1.0. The impacted element is the function accounts_report_search of the file application/modules/accounts/controllers/Accounts.php of the component Accounts Report Handler. Performing a manipulation of the argument dtpToDate results in sql injection. The attack is possible to be carried out remotely. The exploit has been made public and could be used.",
    "published": "2026-05-30T23:30:09.916Z",
    "modified": "2026-05-30T23:30:09.916Z",
    "type": "cve",
    "title": "Bdtask Multi-Store Inventory Management System Accounts Report Accounts.php accounts_report_search sql injection",
    "source": "VulDB",
    "references": "https://vuldb.com/vuln/367408\nhttps://vuldb.com/vuln/367408/cti\nhttps://vuldb.com/submit/818863\nhttps://github.com/kevin57545/CVE/blob/main/README.md",
    "id": "CVE-2026-10155",
    "bulletinFamily": "",
    "cwe": [
        "CWE-89",
        "CWE-74"
    ],
    "cvelist": null,
    "sourceData": "Bdtask Multi-Store Inventory Management System 1.0",
    "sourceHref": "",
    "cvss": {
        "score": 5.1,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Multi-Store Inventory Management System",
    "version": "1.0",
    "vendor": "Bdtask",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Bdtask Multi-Store Inventory Management System Accounts Report Accounts.php accounts_report_search sql injection_CVE-2026-10155