Bdtask — Vulnerabilities & Security Advisories 35

Browse all 35 CVE security advisories affecting Bdtask. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Bdtask operates as a business process automation platform, primarily serving enterprises that require robust workflow orchestration and task scheduling capabilities. Despite its utility in streamlining operations, the software has faced significant scrutiny due to a high volume of disclosed security flaws, with thirty-five Common Vulnerabilities and Exposures (CVEs) currently on record. Historically, these vulnerabilities predominantly involve remote code execution, cross-site scripting, and privilege escalation, often stemming from inadequate input validation and insufficient access controls within the application’s architecture. Notable incidents include critical exploits allowing unauthenticated attackers to execute arbitrary commands on affected servers, highlighting systemic weaknesses in the product’s security design. These recurring issues underscore the necessity for rigorous patch management and continuous security auditing for organizations relying on this automation infrastructure to mitigate potential data breaches and service disruptions.

| CVE ID | Title | Product | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|---|
| CVE-2019-25505 | Tradebox 5.4 SQL Injection via symbol Parameter | Tradebox | CWE-89 | 7.1 | High | 2026-03-04 |
| CVE-2020-37106 | Business Live Chat Software 1.0 - Cross-Site Request Forgery (Add Admin) | Business Live Chat Software | CWE-352 | 5.3 | Medium | 2026-02-06 |
| CVE-2026-1600 | Bdtask Bhojon All-In-One Restaurant Management System Add-to-Cart Submission Endpoint addtocart logic error | Bhojon All-In-One Restaurant Management System | CWE-840 | 4.3 | Medium | 2026-01-29 |
| CVE-2026-1599 | Bdtask Bhojon All-In-One Restaurant Management System Checkout placeorder logic error | Bhojon All-In-One Restaurant Management System | CWE-840 | 4.3 | Medium | 2026-01-29 |
| CVE-2026-1598 | Bdtask Bhojon All-In-One Restaurant Management System User Information profile cross site scripting | Bhojon All-In-One Restaurant Management System | CWE-79 | 3.5 | Low | 2026-01-29 |
| CVE-2026-1597 | Bdtask SalesERP Administrative Endpoint improper authorization | SalesERP | CWE-285 | 6.3 | Medium | 2026-01-29 |
| CVE-2025-40679 | HTML injection in Isshue from Bdtask | Isshue | CWE-79 | 7.2 (AI) | High (AI) | 2026-01-20 |
| CVE-2021-47769 | Isshue Shopping Cart 3.5 - 'Title' Cross Site Scripting (XSS) | Isshue Shopping Cart | CWE-79 | 4.8 | Medium | 2026-01-15 |
| CVE-2025-13239 | Bdtask/CodeCanyon Isshue Multi Store eCommerce Shopping Cart Solution submit_checkout behavioral workflow | Isshue Multi Store eCommerce Shopping Cart Solution | CWE-841 | 4.3 | Medium | 2025-11-16 |
| CVE-2025-13238 | Bdtask Flight Booking Software Edit Profile edit unrestricted upload | Flight Booking Software | CWE-434 | 6.3 | Medium | 2025-11-16 |
| CVE-2025-13186 | Bdtask/CodeCanyon Isshue Multi Store eCommerce Shopping Cart Solution manage_customer cross site scripting | Isshue Multi Store eCommerce Shopping Cart Solution | CWE-79 | 2.4 | Low | 2025-11-14 |
| CVE-2025-13185 | Bdtask/CodeCanyon News365 profile unrestricted upload | News365 | CWE-434 | 4.7 | Medium | 2025-11-14 |
| CVE-2025-13180 | Bdtask/CodeCanyon Wholesale Inventory Control and Inventory Management System edit_profile cross site scripting | Wholesale Inventory Control and Inventory Management System | CWE-80 | 3.5 | Low | 2025-11-14 |
| CVE-2025-13179 | Bdtask/CodeCanyon Wholesale Inventory Control and Inventory Management System cross-site request forgery | Wholesale Inventory Control and Inventory Management System | CWE-352 | 4.3 | Medium | 2025-11-14 |
| CVE-2025-13178 | Bdtask/CodeCanyon SalesERP User Profile edit_profile cross site scripting | SalesERP | CWE-80 | 3.5 | Low | 2025-11-14 |
| CVE-2025-13177 | Bdtask/CodeCanyon SalesERP cross-site request forgery | SalesERP | CWE-352 | 4.3 | Medium | 2025-11-14 |
| CVE-2025-12288 | Bdtask Pharmacy Management System User Profile edit_user authorization | Pharmacy Management System | CWE-639 | 4.3 | Medium | 2025-10-27 |
| CVE-2025-12287 | Bdtask Wholesale Inventory Control and Inventory Management System edit_profile sql injection | Wholesale Inventory Control and Inventory Management System | CWE-89 | 4.7 | Medium | 2025-10-27 |
| CVE-2025-12223 | Bdtask Flight Booking Software Package Information package-information unrestricted upload | Flight Booking Software | CWE-434 | 6.3 | Medium | 2025-10-27 |
| CVE-2025-12222 | Bdtask Flight Booking Software Deposit deposit unrestricted upload | Flight Booking Software | CWE-434 | 6.3 | Medium | 2025-10-27 |
| CVE-2024-3151 | Bdtask Multi-Store Inventory Management System Stock Movement Page cross-site request forgery | Multi-Store Inventory Management System | CWE-352 | 4.3 | Medium | 2024-04-02 |
| CVE-2024-2998 | Bdtask Multi-Store Inventory Management System Store Update Page cross site scripting | Multi-Store Inventory Management System | CWE-79 | 2.4 | Low | 2024-03-27 |
| CVE-2024-2997 | Bdtask Multi-Store Inventory Management System cross site scripting | Multi-Store Inventory Management System | CWE-79 | 2.4 | Low | 2024-03-27 |
| CVE-2024-2996 | Bdtask Multi-Store Inventory Management System Page Title cross site scripting | Multi-Store Inventory Management System | CWE-79 | 2.4 | Low | 2024-03-27 |
| CVE-2024-2639 | Bdtask Wholesale Inventory Management System session fixation | Wholesale Inventory Management System | CWE-384 | 4.3 | Medium | 2024-03-19 |
| CVE-2024-2317 | Bdtask Hospital AutoManager Prescription Page improper authorization | Hospital AutoManager | CWE-285 | 3.8 | Low | 2024-03-08 |
| CVE-2024-2316 | Bdtask Hospital AutoManager Update Bill Page cross-site request forgery | Hospital AutoManager | CWE-352 | 4.3 | Medium | 2024-03-08 |
| CVE-2024-2277 | Bdtask G-Prescription Gynaecology & OBS Consultation Software Password Reset change_password_save cross-site request forgery | G-Prescription Gynaecology & OBS Consultation Software | CWE-352 | 4.3 | Medium | 2024-03-08 |
| CVE-2024-2276 | Bdtask G-Prescription Gynaecology & OBS Consultation Software Edit Venue Page cross site scripting | G-Prescription Gynaecology & OBS Consultation Software | CWE-79 | 2.4 | Low | 2024-03-08 |
| CVE-2024-2275 | Bdtask G-Prescription Gynaecology & OBS Consultation Software OBS Patient/Gynee Prescription cross site scripting | G-Prescription Gynaecology & OBS Consultation Software | CWE-79 | 2.4 | Low | 2024-03-08 |

This page lists every published CVE security advisory associated with Bdtask. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.