CVEs-PoC/2020/CVE-2020-11561.md at b0e96c877abb080d7cf221c036336480ff266ccf

CalvinBackup/CVEs-PoC

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2026-05-09 23:27:33 +02:00

Files

T

0xMarcio 48a00929ac Removed duplicates

2024-06-18 02:51:15 +02:00

795 B

Raw Blame History

CVE-2020-11561

Description

In NCH Express Invoice 7.25, an authenticated low-privilege user can enter a crafted URL to access higher-privileged functionalities such as the "Add New Item" screen.

POC

Reference

https://tejaspingulkar.blogspot.com
https://tejaspingulkar.blogspot.com/2020/03/cve-cve-2020-11561-title-escalation-via.html
https://youtu.be/-i2KtBgO3Kw

Github

https://github.com/ARPSyndicate/cvemon
https://github.com/superhero1/OSCP-Prep

795 B Raw Blame History

CVE-2020-11561

Description

POC

Reference

Github

795 B

Raw Blame History