CVE-2025-12287 | Bdtask Wholesale Inventory Control and Inventory Management System edit_profile sql injection

A vulnerability, which was classified as critical, was found in Bdtask Wholesale Inventory Control and Inventory Management System up to 20251013. This impacts an unknown function of the file /Admin_dashboard/edit_profile. Such manipulation of the argument first_name/last_name leads to sql injection.

This vulnerability is traded as CVE-2025-12287. The attack may be launched remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.VulDB Recent EntriesRead More