Vulnerabilities > Daybydaycrm > Daybyday CRM

DATE CVE VULNERABILITY TITLE RISK
2022-01-05 CVE-2022-22107 Missing Authorization vulnerability in Daybydaycrm Daybyday CRM
In Daybyday CRM, versions 2.0.0 through 2.2.0 are vulnerable to Missing Authorization.
network
low complexity
daybydaycrm CWE-862
4.0
4.0
2022-01-05 CVE-2022-22108 Missing Authorization vulnerability in Daybydaycrm Daybyday CRM
In Daybyday CRM, versions 2.0.0 through 2.2.0 are vulnerable to Missing Authorization.
network
low complexity
daybydaycrm CWE-862
4.0
4.0
2022-01-05 CVE-2022-22109 Cross-site Scripting vulnerability in Daybydaycrm Daybyday CRM 2.2.0
In Daybyday CRM, version 2.2.0 is vulnerable to Stored Cross-Site Scripting (XSS) vulnerability that allows low privileged application users to store malicious scripts in the title field of new tasks. 		3.5
3.5
2022-01-05 CVE-2022-22110 Weak Password Requirements vulnerability in Daybydaycrm Daybyday CRM
In Daybyday CRM, versions 1.1 through 2.2.0 enforce weak password requirements in the user update functionality.
network
low complexity
daybydaycrm CWE-521
5.0
5.0
2022-01-05 CVE-2022-22111 Missing Authorization vulnerability in Daybydaycrm Daybyday CRM 2.2.0
In DayByDay CRM, version 2.2.0 is vulnerable to missing authorization.
network
low complexity
daybydaycrm CWE-862
6.5
6.5