Approved changes feed: RSS · Atom

cpe:2.3:a:nchsoftware:express_invoice:7.25:*:*:*:*:*:*:*

part: a version: 7.25 update: *

VendorNchsoftware (2fa18c30-743e-5430-8678-f6c6515c7625)
ProductExpress Invoice (9c842bde-6442-58e7-8e48-cd7b9a97d07a)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from NVD CPE 2.0 feed

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2020-11561 vulnerable 2026-06-08 05:16:47.423143 Details available
In NCH Express Invoice 7.25, an authenticated low-privilege user can enter a crafted URL to access higher-privileged functionalities such as the "Add New Item" screen.
Published: 2020-04-07T14:31:14.000Z
Updated: 2024-08-04T11:35:13.136Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2020-11560 vulnerable 2026-06-08 05:16:47.422607 Details available
NCH Express Invoice 7.25 allows local users to discover the cleartext password by reading the configuration file.
Published: 2020-04-07T00:00:00.000Z
Updated: 2024-08-04T11:35:13.228Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.