Vulnerabilities > Daybydaycrm > High

DATE CVE VULNERABILITY TITLE RISK
2022-01-13 CVE-2022-22113 Insufficient Session Expiration vulnerability in Daybydaycrm Daybyday
In DayByDay CRM, versions 2.2.0 through 2.2.1 (latest) are vulnerable to Insufficient Session Expiration.
network
low complexity
daybydaycrm CWE-613
8.8
2022-01-05 CVE-2022-22110 Weak Password Requirements vulnerability in Daybydaycrm Daybyday CRM 2.2.0
In Daybyday CRM, versions 1.1 through 2.2.0 enforce weak password requirements in the user update functionality.
network
low complexity
daybydaycrm CWE-521
7.5
2022-01-05 CVE-2022-22111 Missing Authorization vulnerability in Daybydaycrm Daybyday CRM 2.2.0
In DayByDay CRM, version 2.2.0 is vulnerable to missing authorization.
network
low complexity
daybydaycrm CWE-862
8.8