3 matches found
Bottelet Daybyday Crm Cross-Site Scripting Vulnerability
Bottelet Daybyday Crm is a website builder for task, time, employee, and vacation management by Bottelet Personal Developers. A cross-site scripting vulnerability exists in Daybyday 2.1.0 that allows storing XSS to the New Item screen via the title parameter...
CVE-2020-11561
In NCH Express Invoice 7.25, an authenticated low-privilege user can enter a crafted URL to access higher-privileged functionalities such as the "Add New Item" screen...
Code injection
In NCH Express Invoice 7.25, an authenticated low-privilege user can enter a crafted URL to access higher-privileged functionalities such as the "Add New Item" screen...