Bhojon All In One Restaurant Management System
Approved changes feed: RSS · Atom
cpe:2.3:a:bdtask:bhojon_all-in-one_restaurant_management_system:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Bdtask (59fedb6e-3a79-5d6b-9825-116d620b5d82) |
|---|---|
| Product | Bhojon All In One Restaurant Management System (15f29f96-d766-5857-b753-3cc0f803e8cf) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2026-1600 |
vulnerable | 2026-06-03 15:14:44.722457 |
Bdtask Bhojon All-In-One Restaurant Management System Add-to-Cart Submission Endpoint addtocart logic error
MEDIUM (4.3)
A vulnerability was identified in Bdtask Bhojon All-In-One Restaurant Management System up to 20260116. The impacted element is an unknown function of the file /hungry/addtocart of the component Add-to-Cart Submission Endpoint. The manipulation of the argument price/allprice leads to business logic errors. The attack can be initiated remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way.
Published: 2026-01-29T18:02:06.201Z
Updated: 2026-02-23T09:06:22.910Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2026-1599 |
vulnerable | 2026-06-03 15:14:44.721319 |
Bdtask Bhojon All-In-One Restaurant Management System Checkout placeorder logic error
MEDIUM (4.3)
A vulnerability was determined in Bdtask Bhojon All-In-One Restaurant Management System up to 20260116. The affected element is an unknown function of the file /hungry/placeorder of the component Checkout. Executing a manipulation of the argument orggrandTotal/vat/service_charge/grandtotal can lead to business logic errors. It is possible to launch the attack remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.
Published: 2026-01-29T17:32:06.117Z
Updated: 2026-02-23T09:06:08.855Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2026-1598 |
vulnerable | 2026-06-03 15:14:44.718020 |
Bdtask Bhojon All-In-One Restaurant Management System User Information profile cross site scripting
LOW (3.5)
A vulnerability was found in Bdtask Bhojon All-In-One Restaurant Management System up to 20260116. Impacted is an unknown function of the file /dashboard/home/profile of the component User Information Module. Performing a manipulation of the argument fullname results in cross site scripting. It is possible to initiate the attack remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.
Published: 2026-01-29T17:02:06.062Z
Updated: 2026-02-23T09:05:54.954Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.