All 7 CVE vulnerabilities found in DaybydayCRM, with AI-generated Chinese analysis, references, and POCs.
Vendor: Bottelet
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2022-22113 | DayByDay CRM - Insufficient Session Expiration after Password Change CWE-613 | 8.8 | High | 2022-01-13 |
| CVE-2022-22112 | DayByDay CRM - Application-Wide Client-Side Template Injection (CSTI) CWE-79 | 5.4 | Medium | 2022-01-13 |
| CVE-2022-22111 | DayByDay CRM - Missing Authorization when Changing Password CWE-862 | 8.8 | High | 2022-01-05 |
| CVE-2022-22110 | DayByDay CRM - Weak Password Requirements in Update User CWE-521 | 7.5 | High | 2022-01-05 |
| CVE-2022-22109 | DayByDay CRM - Stored Cross-Site Scripting (XSS) in Task Title CWE-79 | 5.4 | Medium | 2022-01-05 |
| CVE-2022-22108 | DayByDay CRM - Missing Authorization when Viewing Absences CWE-862 | 4.3 | Medium | 2022-01-05 |
| CVE-2022-22107 | DayByDay CRM - Missing Authorization when Viewing Appointments CWE-862 | 4.3 | Medium | 2022-01-05 |
All 7 known CVE vulnerabilities affecting DaybydayCRM with full Chinese analysis, references, and POCs where available.