CVE-2025-12288 | Bdtask Pharmacy Management System up to 9.4 User Profile /user/edit_user/ authorization
A vulnerability classified as problematic has been found in Bdtask Pharmacy Management System up to 9.4. It affects an unknown function of the file /user/edit_user/ in the User Profile Handler component. Manipulation leads to an authorization bypass.
This vulnerability is tracked as CVE-2025-12288. The attack can be launched remotely, and an exploit is available.
The vendor was contacted early about this disclosure but did not respond in any way.