Vulnerabilities > Daybydaycrm

DATE	CVE	VULNERABILITY TITLE	RISK
2022-01-13	CVE-2022-22112	Cross-site Scripting vulnerability in Daybydaycrm Daybyday 2.1.0 In DayByDay CRM, versions 1.1 through 2.2.1 (latest) suffer from an application-wide Client-Side Template Injection (CSTI). network low complexity daybydaycrm CWE-79	5.4
2022-01-13	CVE-2022-22113	Insufficient Session Expiration vulnerability in Daybydaycrm Daybyday In DayByDay CRM, versions 2.2.0 through 2.2.1 (latest) are vulnerable to Insufficient Session Expiration. network low complexity daybydaycrm CWE-613	8.8
2022-01-05	CVE-2022-22107	Missing Authorization vulnerability in Daybydaycrm Daybyday CRM 2.2.0 In Daybyday CRM, versions 2.0.0 through 2.2.0 are vulnerable to Missing Authorization. network low complexity daybydaycrm CWE-862	4.3
2022-01-05	CVE-2022-22108	Missing Authorization vulnerability in Daybydaycrm Daybyday CRM 2.2.0 In Daybyday CRM, versions 2.0.0 through 2.2.0 are vulnerable to Missing Authorization. network low complexity daybydaycrm CWE-862	4.3
2022-01-05	CVE-2022-22109	Cross-site Scripting vulnerability in Daybydaycrm Daybyday CRM 2.2.0 In Daybyday CRM, version 2.2.0 is vulnerable to Stored Cross-Site Scripting (XSS) vulnerability that allows low privileged application users to store malicious scripts in the title field of new tasks. network low complexity daybydaycrm CWE-79	5.4
2022-01-05	CVE-2022-22110	Weak Password Requirements vulnerability in Daybydaycrm Daybyday CRM 2.2.0 In Daybyday CRM, versions 1.1 through 2.2.0 enforce weak password requirements in the user update functionality. network low complexity daybydaycrm CWE-521	7.5
2022-01-05	CVE-2022-22111	Missing Authorization vulnerability in Daybydaycrm Daybyday CRM 2.2.0 In DayByDay CRM, version 2.2.0 is vulnerable to missing authorization. network low complexity daybydaycrm CWE-862	8.8
2020-12-25	CVE-2020-35707	Cross-site Scripting vulnerability in Daybydaycrm Daybyday 2.1.0 Daybyday 2.1.0 allows stored XSS via the Company Name parameter to the New Client screen. network low complexity daybydaycrm CWE-79	5.4
2020-12-25	CVE-2020-35706	Cross-site Scripting vulnerability in Daybydaycrm Daybyday 2.1.0 Daybyday 2.1.0 allows stored XSS via the Title parameter to the New Project screen. network low complexity daybydaycrm CWE-79	5.4
2020-12-25	CVE-2020-35705	Cross-site Scripting vulnerability in Daybydaycrm Daybyday 2.1.0 Daybyday 2.1.0 allows stored XSS via the Name parameter to the New User screen. network low complexity daybydaycrm CWE-79	5.4

Vulnerabilities > Daybydaycrm {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Daybydaycrm"}]}

Vulnerabilities > Daybydaycrm