CVE-2024-8601
TechExcel Back Office Software is vulnerable in versions prior to 1.0.0 due to improper access controls on certain API endpoints. An authenticated remote attacker could exploit this by manipulating a parameter in the API request URL to gain unauthorized access to other users’ sensitive informatio...