Lucene search
K

22 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-5724

Malware in sbrugna...

5.5CVSS5.7AI score0.00285EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2019-7110

Malware in sbrugna...

5.4CVSS5.6AI score0.00579EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-5725

Malware in sbrugna...

6.5CVSS6.6AI score0.00746EPSS
Exploits1References3
NVD
NVD
added 2020/12/28 10:15 p.m.11 views

CVE-2020-13474

In NCH Express Accounts 8.24 and earlier, an authenticated low-privilege user can enter a crafted URL to access higher-privileged functionalities such as Add/Edit users...

6.5CVSS6.3AI score0.00746EPSS
Exploits1References2
OSV
OSV
added 2020/12/28 10:15 p.m.4 views

CVE-2020-13474

In NCH Express Accounts 8.24 and earlier, an authenticated low-privilege user can enter a crafted URL to access higher-privileged functionalities such as Add/Edit users...

6.5CVSS6.6AI score0.00746EPSS
Exploits1References2
OSV
OSV
added 2020/12/28 10:15 p.m.3 views

CVE-2020-13473

NCH Express Accounts 8.24 and earlier allows local users to discover the cleartext password by reading the configuration file...

5.5CVSS6.1AI score0.00285EPSS
Exploits1References2
NVD
NVD
added 2020/12/28 10:15 p.m.15 views

CVE-2020-13473

NCH Express Accounts 8.24 and earlier allows local users to discover the cleartext password by reading the configuration file...

5.5CVSS5.5AI score0.00285EPSS
Exploits1References2
Prion
Prion
added 2020/12/28 10:15 p.m.11 views

Design/Logic Flaw

NCH Express Accounts 8.24 and earlier allows local users to discover the cleartext password by reading the configuration file...

2.1CVSS5.5AI score0.00285EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2020/12/28 9:19 p.m.19 views

CVE-2020-13474

In NCH Express Accounts 8.24 and earlier, an authenticated low-privilege user can enter a crafted URL to access higher-privileged functionalities such as Add/Edit users...

6.3AI score0.00746EPSS
Exploits1References2
CVE
CVE
added 2020/12/28 9:19 p.m.71 views

CVE-2020-13474

Affected software: NCH Express Accounts 8.24 and earlier. Vulnerability: an authenticated low-privilege user can craft a URL to access higher-privileged functionalities (e.g., Add/Edit users), indicating a privilege-escalation issue rooted in URL-based access control. Impact: as described, it ena...

6.5CVSS6.3AI score0.00746EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2020/12/28 9:16 p.m.77 views

CVE-2020-13473

CVE-2020-13473 affects NCH Express Accounts 8.24 and earlier. Local users can read the configuration file and recover the cleartext password, exposing confidential information (CVSS 3.1: LOCAL, HIGH confidentiality impact). The provided documents do not include remediation/patch details.

5.5CVSS5.5AI score0.00285EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2020/12/28 9:16 p.m.29 views

CVE-2020-13473

NCH Express Accounts 8.24 and earlier allows local users to discover the cleartext password by reading the configuration file...

5.5AI score0.00285EPSS
Exploits1References2
CNNVD
CNNVD
added 2020/12/28 12:0 a.m.5 views

NCH Express Accounts Security Vulnerability

NCH Express Accounts Accounting is a business accounting software. The software includes features such as financial income and expense management, financial analysis and reporting. A security vulnerability exists in NCH Express Accounts version 8.24, which originates when an authenticated,...

6.5CVSS5.8AI score0.00746EPSS
Exploits1References3
CNNVD
CNNVD
added 2020/12/28 12:0 a.m.7 views

NCH Express Accounts Security Vulnerability

NCH Express Accounts Accounting is a business accounting software. The software includes features such as financial income and expense management, financial analysis and reporting. A security vulnerability exists in NCH Express Accounts version 8.24 and prior versions that allows local users to...

5.5CVSS6.1AI score0.00285EPSS
Exploits1References3
OSV
OSV
added 2019/10/17 5:15 p.m.3 views

CVE-2019-16330

In NCH Express Accounts Accounting v7.02, persistent cross site scripting XSS exists in Invoices/Sales Orders/Items/Customers/Quotes input field. An authenticated unprivileged user can add/modify the Invoices/Sales Orders/Items/Customers/Quotes fields parameter to inject arbitrary JavaScript...

5.4CVSS5.7AI score0.00579EPSS
Exploits1References1
NVD
NVD
added 2019/10/17 5:15 p.m.15 views

CVE-2019-16330

In NCH Express Accounts Accounting v7.02, persistent cross site scripting XSS exists in Invoices/Sales Orders/Items/Customers/Quotes input field. An authenticated unprivileged user can add/modify the Invoices/Sales Orders/Items/Customers/Quotes fields parameter to inject arbitrary JavaScript...

5.4CVSS5.3AI score0.00579EPSS
Exploits1References1
Cvelist
Cvelist
added 2019/10/17 4:55 p.m.21 views

CVE-2019-16330

In NCH Express Accounts Accounting v7.02, persistent cross site scripting XSS exists in Invoices/Sales Orders/Items/Customers/Quotes input field. An authenticated unprivileged user can add/modify the Invoices/Sales Orders/Items/Customers/Quotes fields parameter to inject arbitrary JavaScript...

5.3AI score0.00579EPSS
Exploits1References1
CVE
CVE
added 2019/10/17 4:55 p.m.46 views

CVE-2019-16330

CVE-2019-16330 affects NCH Express Accounts Accounting v7.02, with a persistent XSS in Invoices/Sales Orders/Items/Customers/Quotes input fields. An authenticated unprivileged user can modify these fields to inject arbitrary JavaScript, enabling client-side script execution. Connected documents c...

5.4CVSS5.2AI score0.00579EPSS
Exploits1References1Affected Software1
Packet Storm
Packet Storm
added 2019/10/16 12:0 a.m.182 views

Accounts Accounting 7.02 Cross Site Scripting

Exploit Title: Express Accounts Accounting 7.02 - Persistent Cross-Site Scripting Exploit Author: Debashis Pal Date: 2019-10-16 Vendor Homepage: https://www.nchsoftware.com Source: https://www.nchsoftware.com/accounting/index.html Version: Express Accounts Accounting v7.02 CVE : N/A Tested on:...

0.1AI score
Exploits0
0day.today
0day.today
added 2019/10/16 12:0 a.m.61 views

Accounts Accounting 7.02 - Persistent Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: Express Accounts Accounting 7.02 - Persistent Cross-Site Scripting Exploit Author: Debashis Pal Vendor Homepage: https://www.nchsoftware.com Source: https://www.nchsoftware.com/accounting/index.html Version: Express Accounts...

7.1AI score
Exploits0
Rows per page
Query Builder