CNNVD-202601-4899 Information

Jan 29, 2026 cve

CNNVD ID

CNNVD-202601-4899

CVE-2026-1598

CNNVD Published: 2026-01-29

Description (Chinese)

Bdtask Bhojon All-In-One Restaurant Management System是孟加拉国Bdtask公司的一个餐饮业企业管理系统。 Bdtask Bhojon All-In-One Restaurant Management System 20260116及之前版本存在代码注入漏洞，该漏洞源于对文件/dashboard/home/profile中参数fullname的错误操作，可能导致跨站脚本。

Description (English)

Bdtask Bhojon All-In-One Restairant Management System is a catering enterprise management system for Bdtask in Bangladesh. Bdtask Bhojon All-In-One Republic Management System 20260116 and previous versions had a code-injecting loophole, which resulted from an error in the fullname of the parameter in file/dashboard/home/profile and could result in a cross-site script.

Hazard Level

Critical

Vulnerability Type

代码注入

Affected Vendor

Bdtask

Published

2026-01-29

Last Modified

2026-02-24

References

https://github.com/4m3rr0r/PoCVulDb/issues/12 https://vuldb.com/?id.343360 https://vuldb.com/?submit.740738 https://vuldb.com/?ctiid.343360 https://access.redhat.com/security/cve/cve-2026-1598

Share on: