
Pharmacare

1 CVEs product


CVE-2025-12288 LOW POC Monitor

Authorization bypass in Bdtask Pharmacy Management System up to version 9.4 allows authenticated remote attackers to manipulate user profile data via the /user/edit_user/ endpoint, escalating privileges or modifying other users' accounts without proper access controls. The vulnerability has publicly available exploit code and affects the User Profile Handler component, though vendor response to disclosure has been absent.

Authentication Bypass Pharmacare
NVD GitHub VulDB
CVSS 4.0: 2.1
EPSS: 0.0%
