RSS   Vulnerabilities for 'Express invoice'   RSS

2020-12-28
 
CVE-2020-13476

CWE-79
 

 
NCH Express Invoice 8.06 to 8.24 is vulnerable to Reflected XSS in the Quotes List module.

 
2020-04-07
 
CVE-2020-11561

CWE-269
 

 
In NCH Express Invoice 7.25, an authenticated low-privilege user can enter a crafted URL to access higher-privileged functionalities such as the "Add New Item" screen.

 
 
CVE-2020-11560

CWE-522
 

 
NCH Express Invoice 7.25 allows local users to discover the cleartext password by reading the configuration file.

 

 >>> Vendor: Nchsoftware 7 Products
Meo encryption software
Axon pbx
Express invoice
Express accounts
Ivm attendant
Quorum
Webdictate


Copyright 2024, cxsecurity.com

 

Back to Top