GCVE - cpe:2.3:a:bdtask:flight_booking_software:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:bdtask:flight_booking_software:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Bdtask (`59fedb6e-3a79-5d6b-9825-116d620b5d82`)
Product	Flight Booking Software (`4b134fc4-d4c7-5bf8-a551-8d30bf06f9a0`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2025-13238`	vulnerable	2026-06-03 14:58:45.748662	Bdtask Flight Booking Software Edit Profile edit unrestricted upload MEDIUM (6.3) A weakness has been identified in Bdtask Flight Booking Software 4. Affected by this vulnerability is an unknown functionality of the file /agent/profile/edit of the component Edit Profile Page. This manipulation causes unrestricted upload. The attack may be initiated remotely. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way. Published: 2025-11-16T05:32:05.486Z Updated: 2026-02-24T06:28:58.262Z Open on db.gcve.eu Reference links https://vuldb.com/?id.332564 https://vuldb.com/?ctiid.332564 https://vuldb.com/?submit.686895 https://github.com/4m3rr0r/PoCVulDb/issues/6	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-12223`	vulnerable	2026-06-03 14:58:43.999626	Bdtask Flight Booking Software Package Information package-information unrestricted upload MEDIUM (6.3) A vulnerability was detected in Bdtask Flight Booking Software up to 3.1. This affects an unknown part of the file /b2c/package-information of the component Package Information Module. The manipulation results in unrestricted upload. The attack can be launched remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Published: 2025-10-27T04:32:07.968Z Updated: 2026-02-24T07:06:27.626Z Open on db.gcve.eu Reference links https://vuldb.com/?id.329893 https://vuldb.com/?ctiid.329893 https://vuldb.com/?submit.673436 https://github.com/4m3rr0r/PoCVulDb/blob/main/CVE-2025-12223.md	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-12222`	vulnerable	2026-06-03 14:58:43.999050	Bdtask Flight Booking Software Deposit deposit unrestricted upload MEDIUM (6.3) A security vulnerability has been detected in Bdtask Flight Booking Software up to 3.1. Affected by this issue is some unknown functionality of the file /admin/transaction/deposit of the component Deposit Handler. The manipulation leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Published: 2025-10-27T04:32:05.653Z Updated: 2026-02-24T07:06:14.222Z Open on db.gcve.eu Reference links https://vuldb.com/?id.329892 https://vuldb.com/?ctiid.329892 https://vuldb.com/?submit.673424 https://github.com/4m3rr0r/PoCVulDb/blob/main/CVE-2025-12222.md	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.