CVE-2025-12223 | Bdtask Flight Booking Software up to 3.1 Package Information /b2c/package-information unrestricted upload

A vulnerability labeled as critical has been found in Bdtask Flight Booking Software up to 3.1. This affects an unknown part of the file /b2c/package-information of the component Package Information Module. The manipulation results in unrestricted upload.

This vulnerability is reported as CVE-2025-12223. The attack can be launched remotely. Moreover, an exploit is present.

The vendor was contacted early about this disclosure but did not respond in any way.VulDB Recent EntriesRead More