Vulnerabilities (CVE)

Filtered by vendor Nchsoftware Subscribe
Filtered by product Express Accounts
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-13474 1 Nchsoftware 1 Express Accounts 2024-11-21 4.0 MEDIUM 6.5 MEDIUM
In NCH Express Accounts 8.24 and earlier, an authenticated low-privilege user can enter a crafted URL to access higher-privileged functionalities such as Add/Edit users.
CVE-2020-13473 1 Nchsoftware 1 Express Accounts 2024-11-21 2.1 LOW 5.5 MEDIUM
NCH Express Accounts 8.24 and earlier allows local users to discover the cleartext password by reading the configuration file.