Vulnerable Software: Express Account
Affected Version: 8.24 and prior
Vendor Homepage: https://www.nchsoftware.com/
CVE Author: Tejas Nitin Pingulkar
Exploit Available: Yes
About Affected Software
Express Accounts is professional business accounting software, perfect for small businesses needing to document and report on incoming and outgoing cash flow, including sales, receipts, payments, and purchases.
Express Accounts has functionality that allows to access it over the web. While configuring web access function application asks for user details such as username, password, email, etc. Application stores this information in “C:\ProgramData\NCH Software\ExpressAccounts\WebAccounts”
A low-authenticated user can access files stored in cleartext format in C:\ProgramData\NCH Software\ExpressAccounts\WebAccounts and obtain username passwords.
Proof Of Concept