Vulnerabilities > Nchsoftware
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-04-07 | CVE-2020-11561 | Improper Privilege Management vulnerability in Nchsoftware Express Invoice 7.25 In NCH Express Invoice 7.25, an authenticated low-privilege user can enter a crafted URL to access higher-privileged functionalities such as the "Add New Item" screen. | 6.5 |
2019-10-17 | CVE-2019-16330 | Cross-site Scripting vulnerability in Nchsoftware Express Accounts Accounting 7.02 In NCH Express Accounts Accounting v7.02, persistent cross site scripting (XSS) exists in Invoices/Sales Orders/Items/Customers/Quotes input field. | 3.5 |
2019-10-14 | CVE-2019-16282 | Cross-site Scripting vulnerability in Nchsoftware Express Invoice 7.12 In NCH Express Invoice v7.12, persistent cross site scripting (XSS) exists via the Invoices/Items/Customers/Quotes input field. | 3.5 |
2012-09-06 | CVE-2010-5220 | Unspecified vulnerability in Nchsoftware MEO Encryption Software 2.02 Untrusted search path vulnerability in MEO Encryption Software 2.02 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory, as demonstrated by a directory that contains a .meo or .cry file. local nchsoftware | 6.9 |