Express Accounts

express_accounts

Vendor: Nchsoftware • 2 CVEs

CVEs (2)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2020-13474 1Nchsoftware 1Express Accounts Jun 17, 2026 Dec 28, 2020 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 In NCH Express Accounts 8.24 and earlier, an authenticated low-privilege user can enter a crafted URL to access higher-privileged functionalities such as Add/Edit users.
CVE-2020-13473 1Nchsoftware 1Express Accounts Jun 17, 2026 Dec 28, 2020 N/A· v4 5.5 MEDIUM· v3 2.1 LOW· v2 NCH Express Accounts 8.24 and earlier allows local users to discover the cleartext password by reading the configuration file.