High severity8.8NVD Advisory· Published Apr 7, 2020· Updated Jun 17, 2026
CVE-2020-11561
CVE-2020-11561
Description
In NCH Express Invoice 7.25, an authenticated low-privilege user can enter a crafted URL to access higher-privileged functionalities such as the "Add New Item" screen.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- NCH/Express Invoicedescription
- Range: <7.25
Patches
Vulnerability mechanics
References
3- tejaspingulkar.blogspot.com/2020/03/cve-cve-2020-11561-title-escalation-via.htmlnvdExploitThird Party Advisory
- youtu.be/-i2KtBgO3KwnvdExploitThird Party Advisory
- tejaspingulkar.blogspot.comnvdThird Party Advisory
News mentions
0No linked articles in our index yet.