Bdtask Multi-Store Inventory Management System Component Module.php upload unrestricted upload

5.3 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

Description

A security flaw has been discovered in Bdtask Multi-Store Inventory Management System 1.0. The affected element is the function Upload of the file application/modules/dashboard/controllers/Module.php of the component Component Module. The manipulation of the argument module results in unrestricted upload. The attack may be performed from remote. The exploit has been released to the public and may be used for attacks.

Basic Information

ID CVE-2026-10172

Source VulDB

Published May 31, 2026 at 06:45

Modified May 31, 2026 at 06:59

Affected Product

Vendor Bdtask

Product Multi-Store Inventory Management System

Version 1.0

Affected Versions Bdtask Multi-Store Inventory Management System 1.0

CWE Classification

CWE-434 CWE-284

References

{
    "lastseen": "",
    "description": "A security flaw has been discovered in Bdtask Multi-Store Inventory Management System 1.0. The affected element is the function Upload of the file application/modules/dashboard/controllers/Module.php of the component Component Module. The manipulation of the argument module results in unrestricted upload. The attack may be performed from remote. The exploit has been released to the public and may be used for attacks.",
    "published": "2026-05-31T06:45:06.719Z",
    "modified": "2026-05-31T06:59:07.845Z",
    "type": "cve",
    "title": "Bdtask Multi-Store Inventory Management System Component Module.php upload unrestricted upload",
    "source": "VulDB",
    "references": "https://vuldb.com/vuln/367429\nhttps://vuldb.com/vuln/367429/cti\nhttps://vuldb.com/cve/CVE-2026-10172\nhttps://vuldb.com/submit/819418\nhttps://github.com/kevin57545/CVE/blob/main/bdtask-multi-store-rce.md",
    "id": "CVE-2026-10172",
    "bulletinFamily": "",
    "cwe": [
        "CWE-434",
        "CWE-284"
    ],
    "cvelist": null,
    "sourceData": "Bdtask Multi-Store Inventory Management System 1.0",
    "sourceHref": "",
    "cvss": {
        "score": 5.3,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Multi-Store Inventory Management System",
    "version": "1.0",
    "vendor": "Bdtask",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Bdtask Multi-Store Inventory Management System Component Module.php upload unrestricted upload_CVE-2026-10172