Vulnerabilities > Nchsoftware

DATE CVE VULNERABILITY TITLE RISK
2020-04-07 CVE-2020-11561 Improper Privilege Management vulnerability in Nchsoftware Express Invoice 7.25
In NCH Express Invoice 7.25, an authenticated low-privilege user can enter a crafted URL to access higher-privileged functionalities such as the "Add New Item" screen.
network
low complexity
nchsoftware CWE-269
6.5
2019-10-17 CVE-2019-16330 Cross-site Scripting vulnerability in Nchsoftware Express Accounts Accounting 7.02
In NCH Express Accounts Accounting v7.02, persistent cross site scripting (XSS) exists in Invoices/Sales Orders/Items/Customers/Quotes input field.
3.5
2019-10-14 CVE-2019-16282 Cross-site Scripting vulnerability in Nchsoftware Express Invoice 7.12
In NCH Express Invoice v7.12, persistent cross site scripting (XSS) exists via the Invoices/Items/Customers/Quotes input field.
3.5
2012-09-06 CVE-2010-5220 Unspecified vulnerability in Nchsoftware MEO Encryption Software 2.02
Untrusted search path vulnerability in MEO Encryption Software 2.02 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory, as demonstrated by a directory that contains a .meo or .cry file.
local
nchsoftware
6.9