CNNVD-202510-3639 Information

CNNVD ID

CNNVD-202510-3639

Related CVE

CVE-2025-12222

• CNNVD Published: 2025-10-27

Description (Chinese)

Bdtask Flight Booking Software是孟加拉国Bdtask公司的一个航空订票软件。 Bdtask Flight Booking Software 3.1及之前版本存在代码问题漏洞，该漏洞源于文件/admin/transaction/deposit中的组件Deposit Handler存在不受限制的上传功能，可能导致远程攻击。

Description (English)

Bdtask Bright Booking Software is an aviation booking software for Bdtask in Bangladesh. Bdtask Flight Booking Software 3.1 and previous versions had a code problem loophole, which stemmed from the unrestricted upload function of the component Deposit Handler in the document/admin/transaction/deposit, which could lead to a remote attack.

Hazard Level

High

Vulnerability Type

代码问题

Affected Vendor

Bdtask

Published

2025-10-27

Last Modified

2026-02-24

References

https://github.com/4m3rr0r/PoCVulDb/blob/main/CVE-2025-12222.md https://vuldb.com/?ctiid.329892 https://vuldb.com/?id.329892 https://vuldb.com/?submit.673424