Vulnerable Software: Express Invoice
Vulnerability: Privilege Escalation
Affected Version: 7.25
Vendor Homepage: https://www.nchsoftware.com/
CVE Author: Tejas Nitin Pingulkar
Exploit Avilable: POC Avilable
About Affected Software
Express Invoice lets you create invoices you can print, email or fax directly to clients for faster payment. The reporting functionality allows you to keep track of payments, overdue accounts, sales team performance and more.
NCH express invoice software allows to access it over the web.
A web interface provides 3 types of user
The administrator user has access to all modules including “Add New Item” “Add New Customer”. User with viewer privileges don’t have access to “Add New Item” or “Add New Customer” by forceful browsing, we will access admin modules using viewer user privileges
login as low privileged user and for example enter below url
Proof Of Concept