
Wholesale

1 CVEs product

Monthly

CVE-2025-12287 LOW POC Monitor

SQL injection in Bdtask Wholesale Inventory Control and Inventory Management System up to version 20251013 allows high-privileged remote attackers to manipulate the first_name and last_name parameters in the /Admin_dashboard/edit_profile endpoint, leading to unauthorized database queries with low confidentiality, integrity, and availability impact. Publicly available exploit code exists, and the vendor has not responded to early disclosure notification.

SQLi Wholesale
NVD GitHub VulDB
CVSS 4.0: 2.0
EPSS: 0.0%