CVE-2020-11561: Express Invoice - Privilege Escalation


Vulnerable Software: Express Invoice

Vulnerability: Privilege Escalation

Affected Version: 7.25

Vendor Homepage:

CVE: CVE-2020-11561

CVE Author: Tejas Nitin Pingulkar

Exploit Available: POC Available

About Affected Software

Express Invoice lets you create invoices you can print, email or fax directly to clients for faster payment. The reporting functionality allows you to keep track of payments, overdue accounts, sales team performance and more.

Additional Information

NCH Express Invoice software can be accessed over the web.
The web interface provides three types of user:

  • Administrator
  • User
  • Viewer

The administrator user has access to all modules, including “Add New Item” and “Add New Customer”. Users with viewer privileges do not have access to “Add New Item” or “Add New Customer”. By forceful browsing, we will access admin modules using viewer user privileges.
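The missing control behind this class of bug is a server-side authorization check on every module request, so that a Viewer who types an admin module URL directly is refused no matter what the menu hides. The following is an added example of such a check, not NCH's code; the role levels, module paths and the `Session` type are assumptions for illustration.

```python
"""Server-side role enforcement for a web UI with Administrator/User/Viewer roles.

Added example (not NCH Express Invoice code): every module handler asks
authorize() before doing any work, instead of relying on hidden menu links.
"""
from __future__ import annotations
from dataclasses import dataclass

# Assumed privilege ordering: a higher level implies all lower-level rights.
ROLE_LEVEL = {"Viewer": 1, "User": 2, "Administrator": 3}

# Minimum role per module; paths are hypothetical, modules are from the advisory.
MODULE_MIN_ROLE = {
    "/invoices/list": "Viewer",
    "/invoices/new": "User",
    "/items/new": "Administrator",      # "Add New Item"
    "/customers/new": "Administrator",  # "Add New Customer"
}

# Denied requests are recorded so a Viewer probing admin modules can be alerted on.
DENIED_ATTEMPTS: list[str] = []


@dataclass
class Session:
    username: str
    role: str


def normalize_path(path: str) -> str:
    """Strip the query string and collapse slashes, so "/items/new/?x=1"
    cannot dodge a lookup keyed on "/items/new"."""
    path = path.split("?", 1)[0]
    while "//" in path:
        path = path.replace("//", "/")
    return path.rstrip("/") or "/"


def authorize(session: Session, path: str) -> tuple[int, str]:
    """Return (HTTP status, message); unknown modules are denied by default."""
    path = normalize_path(path)
    required = MODULE_MIN_ROLE.get(path)
    if required is None:
        return 404, "unknown module"
    if ROLE_LEVEL.get(session.role, 0) < ROLE_LEVEL[required]:
        msg = f"{session.username} ({session.role}) denied {path}"
        DENIED_ATTEMPTS.append(msg)
        return 403, msg
    return 200, f"{session.username} allowed {path}"
```

The check is keyed on the session's role held server-side, never on anything the browser sends about which menu entries it was shown.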


Log in as a low-privileged user and, for example, enter the URL below.



Proof Of Concept

