CVEWalkthrough

Year: 2020

CVE-2020-13474: NCH Express Accounts- Privilege Escalation

tp9222@gmail.comUncategorized3 Comments on CVE-2020-13474: NCH Express Accounts- Privilege Escalation

Vulnerable Software: NCH Express Accounts Vulnerability: Privilege Escalation Affected Version: 8.24 and prior Vendor Homepage: https://www.nchsoftware.com/ CVE: CVE-2020-13474 CVE Author: Tejas Nitin Pingulkar Exploit Available: Yes About Affected Software Express Accounts is professional business accounting software, perfect for small businesses needing to document and report on incoming and outgoing cash flow, including sales, receipts, payments, and purchases. Additional Information NCH […]

Read More

CVE-2020-13473: NCH Account-Clear Text Password Storage

tp9222@gmail.comUncategorizedNo Comments on CVE-2020-13473: NCH Account-Clear Text Password Storage

Vulnerable Software: Express Account Affected Version: 8.24 and prior Vendor Homepage: https://www.nchsoftware.com/ CVE: CVE-2020-13473 CVE Author: Tejas Nitin Pingulkar Exploit Available: Yes About Affected Software Express Accounts is professional business accounting software, perfect for small businesses needing to document and report on incoming and outgoing cash flow, including sales, receipts, payments, and purchases. Additional Information Express Accounts has functionality that […]

Read More

Verint: Unauthenticated Information Disclosure via API

tp9222@gmail.comUncategorized1 Comment on Verint: Unauthenticated Information Disclosure via API

Vulnerable Software: Verint Workforce Optimization (WFO) Vulnerability: Unauthenticated Information Disclosure via API Affected Version: 15.1 (15.1.0.37634) Vendor Homepage: Link CVE:  2020-23446 CVE Author: Tejas Nitin Pingulkar Exploit Available: POC Available About Affected Software: Verint Workforce Optimization is a suite of unified software and services for capturing interactions and managing the performance of employees across the enterprise or in targeted areas […]

Read More

CVE-2020-13480:Verint Workforce Optimization : HTML Injection

tp9222@gmail.comUncategorized1 Comment on CVE-2020-13480:Verint Workforce Optimization : HTML Injection

Vulnerable Software: Verint Workforce Optimization (WFO) Vulnerability: HTML Injection Affected Version: 15.2 Vendor Homepage:  https://www.verint.com CVE: CVE-2020-13480 CVE Author: Tejas Nitin Pingulkar Exploit Available: POC Available About Affected Software Verint Workforce Optimization is a suite of unified software and services for capturing interactions and managing the performance of employees across the enterprise or in targeted areas of your business, including: Back-office operations […]

Read More

CVE-2020-11560

tp9222@gmail.comUncategorizedNo Comments on CVE-2020-11560

CVE-2020-11560 NCH Express Clear Text Password Storage Summery Vulnerable Software: Express Invoice Affected Version: 7.25 Vendor Homepage: https://www.nchsoftware.com/ CVE: CVE-2020-11560 CVE Author: Tejas Nitin Pingulkar Exploit Avilable: POC Avilable   About Affected Software Express Invoice lets you create invoices you can print, email or fax directly to clients for faster payment. The reporting functionality allows you to keep track of […]

Read More
Scroll to top