CVE-2026-10282 Bottelet DaybydayCRM DocumentsController.php view improper authorization

A security vulnerability has been detected in Bottelet DaybydayCRM up to 2.2.1. This impacts the function view of the file app/Http/Controllers/DocumentsController.php. Such manipulation leads to improper authorization. The attack may be launched remotely. It is best practice to apply a patch to...

CVE-2026-10282

CVE-2026-10282 affects Bottelet DaybydayCRM (up to version 2.2.1). The vulnerability is in the view function of app/Http/Controllers/DocumentsController.php, enabling improper authorization from a remote attacker. The description notes that applying a patch resolves the issue. No exploit details ...

CVE-2015-1040

Multiple cross-site scripting XSS vulnerabilities in the administrative backend in BEdita 3.4.0 allow remote authenticated users to inject arbitrary web script or HTML via the 1 lrealname field in the editProfile form to index.php/home/profile; the 2 datatitle or 3 datadescription field in the...

CVE-2015-1040

Multiple cross-site scripting XSS vulnerabilities in the administrative backend in BEdita 3.4.0 allow remote authenticated users to inject arbitrary web script or HTML via the 1 lrealname field in the editProfile form to index.php/home/profile; the 2 datatitle or 3 datadescription field in the...